Platform on production and process automation
The cyber resilience of manufacturing companies must improve

Cyber resilience of manufacturing companies must improve

Industrial cybersecurity is a hot topic more than ever. Those who do not deal with it in the right way will sooner or later run into trouble. In this article, Thomas Vasen, business development manager for network security at HMS Networks, discusses the main drivers for dealing with security. He also presents a number of solutions.

"Cybersecurity is currently way behind in OT environments compared to IT environments," Vasen knows. "At the same time, there is a frightening trend that the manufacturing industry is currently a major target of cyber attacks. This is a result of the rapid digitization process and a technology shift from older bus networks to more modern industrial Ethernet networks. It is a good thing that companies are striving for higher effectiveness and Industry 4.0 driven business models. However, with that also comes the fact that more and more machines are connected to each other and to IT systems and the cloud. Security has therefore become even more important than before." HMS Networks specializes in various communication solutions. With advanced technology, the company connects millions of industrial devices worldwide, both in automation systems and in
IIoT applications. 

Greater risk

The industry needs to catch up. "The risk is higher. There is a lot of ransomware gripping the manufacturing industry, mainly through the IT part for now. But this also impacts the OT environment," Vasen said. "Often when an attack occurs, the production process has to be shut down because one has no or too little control over the IT/OT boundary. Indeed, once the attacks reach the OT part, the consequences are much higher. This not only results in a lot of downtime, but since machines and robotics are often used, there is also more risk that attacks will also become a security issue."

Afbeelding 2 kopieren
Anybus Defender provides optimal protection for industrial networks. With this Industrial Security Appliance, take advantage of robust segmentation, IEC62443 compliance, deep packet inspection for detailed access control, secure connection between multiple plants and flexible hardware options.

Laws and regulations

Vasen cites one final driver for getting started with cybersecurity. "The European Union adopted the new updated Network and Information Security Directive (NIS2) in early 2023. The aim is to improve the cyber resilience of companies. There are also standards that offer help such as the IEC 62443 that gives process automation a strong foothold." The popularity of IEC 62443 is increasing, he says. "In this standard, you have to choose what level of security you want to implement. Level 2 is easily seen as a basic level. This protects your company against the occasional hacker, among other things. This includes network segmentation and physical segmentation of control systems. Current networks need to be changed from flat networks to physically segmented networks."

Segmentation

"HMS provides products that make it easier to bring better security to networks through segmentation," Vasen said. "When you segment, you isolate parts of your network. This allows you to limit the impact - if something happens - to that one segment. We do that with a range of products. New in our range is  Anybus Defender; a range of ten variants for different use cases for machine segmentation in OT environments that will be available on the market from mid-September. For example, you can segment around your production machines or around your packaging line. Segmentation between IT and OT is also possible with DMZ (DeMilitarized Zones) management. And if you still have old, vulnerable machines with an old software system in your machine park whose updates are no longer available, you can also give them extra protection with DPI (Deep Packet Inspection) and IPS (Intrusion Protection System). You can use these to determine very specifically what traffic can be allowed." Finally, HMS also has the ability to secure the connection between multiple plants, so that a secure network can be established from one machine line to another over longer distances with VPN technology.

Training

HMS also offers a number of training courses. "These are not product trainings, but general trainings to raise awareness around industrial security," Vasen says. "They are trainings to make clear what are potential dangers where a hacker can enter, what strategies are interesting and so on. This is also in line with NIS2 and the new developments in the European field."

Schermafbeelding 2024 09 11 om 16.11.16 kopieren

In industrial networks, all nodes are vulnerable to cyber attacks. Critical areas, such as supervisor control, require extra attention, but a threat also often comes from visiting employees, remote access and misbehaving devices. Cybercriminals exploit these areas to gain access to critical process systems, and as long as risk can spread easily, it often results in unwanted production downtime. 

Collaboration

The key to a successful cybersecurity approach is a good balance between people, product and process, he concludes. "So people are also an important aspect. For example, cooperation between the OT and IT departments is very important. The IT side is often responsible for security while productivity is an important responsibility of OT. However, IT security is not simply suitable for OT. Therefore, OT and IT will have to work together so that OT-specific security can be properly implemented."

Visit HMS Network at the WoTS - Booth number 9C014

Heeft u vragen over dit artikel, project of product?

Neem dan rechtstreeks contact op met HMS Networks Benelux.

HMS Contact opnemen

Stel je vraag over dit artikel, project of product?

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
HMS Telefoonnummer +31 (0)487 20 3000 E-mailadres [email protected] Website hms-networks.com

"*" indicates required fields

Send us a message

This field is for validation purposes and should be left unchanged.

Wij gebruiken cookies. Daarmee analyseren we het gebruik van de website en verbeteren we het gebruiksgemak.

Details

Kunnen we je helpen met zoeken?

Bekijk alle resultaten