Excerpts from an interaction with Rajesh Gharpure, EVP & Global Head- Manufacturing and Industry 4.0, Larsen & Toubro Infotech (LTI).
To what extent are cyber threats affecting manufacturers today?
By 2025, the manufacturing industry of $1 trillion will be a lucrative target for cyber criminals in India. India's cybersecurity incidents have risen by 50% from 2020 to 2021. Although technology and automation are helping contribute to production positively, the trend suggests that the tech tools bring with them cyber concerns. Cybercriminals specifically target the finances and supply chains of the companies. They access financial and procurement data and can then modify the purchase orders, production quantities, and sales quantities. Once this is done, criminals can steal the products using an internal source. The companies producing in bulk are unaware of their products being stolen at the moment. They report heavy losses at the end of the financial year after their data is audited.
What type and level of risks exist in present-day factories?
Cyber-attacks have significant consequences when enterprises become victims. Criminals can temper production quantity, product identification, production and quality defects, and cause miscommunication between functional areas.
The smarter and more advanced a factory is, the more vulnerable it is to lose everything in a blink. The motive behind these cyber-attacks is profiting through ransomware. Criminals have made it a strategy that promises big rewards with comparatively lesser risk. Moreover, with the growing sophistication of attacks, it becomes more difficult for companies to identify an attack until there is a negative effect on the operations. This is why it becomes all the more important for manufacturers to stay ahead of danger.
How do manufacturers address today’s cybersecurity risks? And how will they address new risks?
Companies are moving towards adding advanced technologies to their OT environment; however, many manufacturers have yet to secure their systems. The IT and OT leaders are still unprepared to respond to new cyber threats that arise. Today, only a few companies monitor their OT environment and perform a sanity check into their systems in India. It can be perceived that these manufacturers are well prepared for the risks they may have to respond to when new technology comes into place. However, while using IoT devices and the latest technology, it is also likely that these manufacturers are unaware of the threats and risks these products bring along. These companies need to be more vigilant moving forward.
How can manufacturers build cybersecurity controls into their smart factory initiatives?
Manufacturing companies need to invest more in cyber management programs. These programs will be dedicated to cyber-attacks and will help them to identify risks, protect against such risks, respond to cyber threats and recover from any attacks in the past. Companies need to consider these actions when moving towards a more tech-savvy world.
- Perform regular checks into their systems
- R&D into cyber management programs
- Prioritize actions if and when any risk is identified
- Establish formal cybersecurity governance programs
- Test and verify for threats before manufacturing in bulk
