MattQuirk

Maintaining cybersecurity on the path to Industry 4.0

When it comes to manufacturing, security is consistently a top priority for enterprises and innovators. Experienced technologist and customer advocate at HPE, Tom Van Mulders, took some time to speak with me on this critical topic.

The digitization of manufacturing, also known as Industry 4.0, is revolutionizing important outcomes such as productivity, efficiency, flexibility, and sustainability across the spectrum of industrial enterprises. This is achieved by using digital technologies such as the Internet of Things (IoT), artificial intelligence (AI), and cloud computing to unleash new levels of highly automated and interconnected operations.

For many companies, the journey into this next era of manufacturing may be long as they work to integrate diverse fleets of legacy industrial systems, equipment, and other devices into enterprise-wide, hybrid-cloud infrastructures. One of the thorniest challenges for manufacturers as they undergo this transformation is how to maintain robust system and data security along the way.


Out of sync: IT and OT change on different timeframes
Generational transitions often take longer with industrial systems and operational technology (OT) than with computing technology. While the expected lifespan and upgrade cycles of software, compute, storage, and networking assets might be 5–8 years, the lifespan and payback periods for industrial machinery and manufacturing equipment are often measured in decades.

Fortunately, industrial IoT devices, sensors, and controls have stepped in to enable traditionally isolated legacy OT systems to connect and exchange data with modern enterprise IT infrastructures. Whether embedded into newer industrial equipment or as add-on devices used to collect data from legacy machines and systems, Statista forecasts there will be more than 8 billion industrial IoT (IIoT) devices in use by 2030, enabling benefits such as:

  • Enhanced efficiency and automation: Technologies like IoT and robotics automate and streamline manufacturing processes, reduce human error, and increase production speed.
  • Greater customization and flexibility: Digital manufacturing technologies offer greater process agility and mass customization of products to customer specifications.
  • Improved quality control: Advanced sensors and AI computer vision and control systems precisely monitor product quality and respond to defects at production speed.
  • Supply chain optimization: Real-time tracking and data-driven insights make supply chains more transparent.
  • Predictive maintenance: IoT sensors help monitor equipment performance and health, enabling proactive steps to avoid costly downtime and system failures. 
  • AI superpowers: Each of these industrial digitization benefits becomes supercharged as AI and ML technologies enhance the intelligence, autonomy, and responsiveness of interconnected OT and IT systems.

Data is both the key and a prime target
While steam powered the first Industrial Revolution, Industry 4.0 is fueled by data. To deliver its benefits and breakthroughs, this new era in manufacturing involves capturing, storing, transmitting, analyzing, modeling, and generating huge volumes of data. Especially in the age of AI, manufacturing data is vital in powering advanced applications such as digital twins, autonomous smart robots, and AI-enhanced enterprise applications.

The explosion of network-connected devices and the data they generate are also subjects that keep many CSOs awake at night. In the past, manufacturers concentrated on the physical security of their facilities and supply chains. Now, not only are there many new potential vulnerabilities and entry points for cyberattacks, but all these terabytes of valuable proprietary data have become enticing targets for bad actors. Manufacturers need to protect themselves against a range of ever-evolving cyber threats, including:

  • Ransomware
  • Digital sabotage
  • IP theft
  • Phishing, viruses, and malware
  • Data and privacy breaches

The crucial dilemma that security and IT teams face today is how to manage security risks without impeding the data-driven capabilities and benefits of Industry 4.0.


The first challenge is gaining visibility
A major source of concern is the lack of visibility into where potential vulnerabilities and avenues of attack are, especially as multitudes of new devices, sensors, robots, applications, and machines are added to networks.

In a 2023 survey of IT and security professionals by Ponemon Institute, 67% of respondents said that identifying and authenticating IoT devices accessing their network was critical to their organizations’ security strategy. However, 63% also indicated that their security teams lacked visibility and control of the activity of the devices connected to their IT infrastructure.

Fortunately, several leading technology providers have developed solutions for increasing visibility and control across heterogeneous industrial environments.


HPE partner Schneider Electric’s EcoStruxure CyberSecurity Services, for example, leverage the Nozomi Networks Guardian security sensor to provide visibility into an organization’s full set of connected OT, IoT, and IT assets. The solution monitors network communications and device behavior to deliver real-time awareness of connected devices and activity patterns. It helps security teams identify vulnerabilities and anomalous behavior, enabling them to respond to threats before they affect operations.

ABB, another HPE partner, helps manufacturers maintain robust security as they digitize and integrate various siloed industrial control systems (ICS) into their IT infrastructures. The ABB ICS Cyber Security Reference Architecture is a vendor-agnostic, IEC 62443 standards-based security framework that creates a secure area between the production and external systems. It offers a proven, repeatable approach to planning, implementing, and deploying industrial control system networks.

HPE GreenLake Central also offers industrial enterprises excellent visibility, control, and security over their many assets, unifying data into a single-pane-of-glass view. HPE Aruba Central also provides advanced network and data security capabilities including zero trust. Let’s investigate some of the newest cybersecurity measures on the market next, starting with zero trust architectures.

Never trust, always verify: Zero trust architectures
Unlike traditional security models that assume everything inside a network is safe, zero trust treats all traffic and every access attempt as a potential threat and requires verification regardless of where the request originates.

Security is particularly complex in manufacturing settings, where multitudes of different machines, technologies, and users interact continuously. This presents a large and shifting attack surface for security threats. Zero trust ensures that every device, user, and piece of software in an industrial environment is authenticated and authorized before gaining access to network resources. The approach minimizes the risk of internal threats and limits the spread of any breach within the network.

Additional safeguards: SASE and NAC
Another approach, Secure Access Service Edge (SASE), combines several network capabilities and security functions, such as SD-WAN, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), and Firewall as a Service (FWaaS), into a single cloud-based service. SASE solutions dynamically identify and respond to security threats, applying policies based on real-time context.

SASE supports the secure connection of diverse network edges, making it particularly effective for managing the security of distributed sites, such as multiple factories, warehouses, data centers, and remote work sites. It’s often used as a cloud-based solution; however, deploying SASE on-premises with edge servers can deliver more efficient data processing and faster responses for time-sensitive applications, while eliminating the costs and risks of transmitting facility data to the cloud.

Network Access Control (NAC) systems enforce security policies for devices that attempt to access network resources. They assess the security posture of a device before it connects to the network, ensuring it complies with the organization's security standards. In a zero trust framework, NAC can serve as an enforcement point for applying zero trust policies.

NAC is well-suited for manufacturing environments where both old and new technologies coexist. By enforcing policies across all devices, NAC ensures that outdated systems do not become vulnerabilities within the network. NAC systems can also segment the network to isolate more vulnerable or sensitive systems from general access while still allowing data and process integration.

Reap exponential benefits by securing industrial systems with the latest tech
By implementing the right strategic balance of zero trust, SASE, and NAC solutions—and integrating solutions that provide comprehensive network visibility—manufacturers and industrial OEMs can maintain strong cybersecurity safeguards. Ultimately, this will help them digitize faster and gain the benefits of Industry 4.0 and enterprise AI for the decades to come.

From achieving visibility into your diverse OT and IoT assets to developing a comprehensive cybersecurity strategy for your enterprise, HPE has the expertise, solutions, and partners to help protect your enterprise and data on your journey to Industry 4.0.  

Let’s connect to talk about where to start or what’s next for your enterprise. If you’re coming to Hannover Messe, it will be great to meet you at the event. I will be available at the HPE booth G76 in Hall 14/15. You can also learn more about HPE digital manufacturing solutions and HPE GreenLake on our website.

Matt Quirk
About the Author

MattQuirk

With a passion for innovation and technology, I am lucky enough to work within high-growth opportunities across multiple industries including manufacturing, healthcare, energy, media and entertainment and security - with technology innovations that are advancing the way people live and work such as AI, autonomous everything and 5G.