Manufacturers Must Not Neglect Security as Their Digitalization Projects Advance
|
NEWS
|
Swiss industrial automation and robotics company ABB has announced partnerships with IBM and Forescout to help manufacturers protect their process control systems. As a result of partnering with IBM, ABB is launching a new OT Security Event Monitoring Service whereby IBM’s security event monitoring portfolio and ABB’s expertise in process control systems are brought together. Separately, ABB is focusing on helping the cybersecurity efforts of firms in the energy and process industries by partnering with cybersecurity provider Forescout. In both cases, ABB is looking to marry its domain expertise with the partner’s security technologies.
Security risks for manufacturers have risen exponentially as previously isolated machines now transmit highly sensitive data, such as production levels, over IT networks. Recent notable security breaches include eyewear manufacturer Luxottica experiencing a ransomware attack that forced the company to temporarily close its operations and automotive component producer KYB Corp falling victim to a ransomware attack from the NetWalker ransomware group—it is reported that affected firms have paid the group US$25 million in ransom payments in 2020.
Separate Partnerships Expand ABB's Portfolio
|
IMPACT
|
ABB’s process control systems constantly monitor and analyze client’s processes and asset performance levels on the plant floor. The OT Security Event Monitoring Service forwards event log details from the ABB process control systems to the IBM Security platform, QRadar, which analyzes the data using machine learning to perform pattern matching and cross-correlations to identify anomalies, detect potential threats, and trigger alarms.
The partnership with Forescout concerns network security. ABB is adding Forescout’s expertise to its portfolio in order to provide firms with visibility across their entire networks, especially as more staff are now working remotely. ABB will also provide, as part of a reseller agreement, Forescout’s solutions eyeSight (monitoring devices as they access the network), eyeInspect (helping security analysts with risk management workflows), and eyeSegment (mapping traffic flows of users, applications, services, and devices).
Manufacturers Need to Plug Vulnerabilities as Previously Isolated Machines Become "Smart"
|
RECOMMENDATIONS
|
Today the Industrial Internet of Things (IIoT) is significantly enhancing the capabilities of Industrial Control Systems (ICS) across multiple verticals, but many verticals have been sheltered from Internet connectivity and are now exposed to IP-borne attacks. A report from the MIT Technology Review[1] states that up to 96% of local ICSs are considered vulnerable to cyberattacks, with risk of production downtime, the attacks proliferate to partners’ systems, the destruction of critical ICS components, and theft of intellectual property and trade secrets, causing a blow to the manufacturer’s reputation and billions in economic damage, and potentially threatening human lives.
The ABI Research market data Digital Factory Data (MD-IICT-106) predicts that spending on security services (including the hardware and software relating to transport and physical security of digital factory connections) by manufacturers will rise from US$1.4 billion in 2020 to US$3.6 billion in 2025. ABB’s portfolio and partnering strategy means that a manufacturer accesses best-of-breed solution in operational technologies and cybersecurity from a single supplier, which should provide confidence that any vulnerabilities are fixed in a shorter time period than if disparate systems were being utilized.
For more information on this topic, please refer to the ABI Research report Cybersecurity for Industrial Control Systems (AN-2484).
[1] https://www.technologyreview.com/2019/01/28/137704/industrial-control-systems-are-still-vulnerable-to-malicious-cyberattacks/
