CYBER SECURITY SOLUTIONS

Manufacturing

Protecting Digital Assets and Critical Infrastructure Against Growing Advanced Threats

GET IN TOUCH

Overview

Both operational technology (OT) and information technology (IT) have significantly altered the security landscape in manufacturing. Industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems are now connected to IT systems and the internet, leaving them exposed to hackers involved in terrorism, cyber warfare, and espionage.

OT systems around the world are barraged by both recycled IT-based attacks and purpose-built OT exploits. One survey found that 74% of OT professionals had experienced a breach in the past 12 months. Attacks on critical infrastructure can result in financial loss, reputational damage, and sometimes even loss of life or threats to national cyber security.

We have extensive experience defending OT environments in critical infrastructure sectors such as energy, defence, manufacturing, food, and transportation. By designing cyber security into complex infrastructure via our Security Fabric, organisations can integrate cyber security protection across OT and IT environments, from the manufacturing floor to the data centre to multiple clouds.

Andrew Govell

Head of Cyber Security Services

Contact

Industry drivers

The corporate IT network at a manufacturing company contains important data related to finance, intellectual property, HR, product support, field support, and more. Some manufacturers also produce Internet-of-Things (IoT) devices and collect data from customers who have purchased them. And manufacturers are increasingly reliant on cloud-based applications and infrastructure, and IoT devices are growing in number at the network edge.

To protect sensitive data, the corporate infrastructure needs a broad, integrated, and automated cyber security solution with end-to-end integration. Our Security Fabric provides a solution built on the next-generation firewalls (NGFWs) and artificial intelligence (AI)-powered threat intelligence from our global analytics and threat intelligence platform.

A wide array of CT cyber security tools integrates seamlessly into the Fabric, along with dozens of third-party solutions delivered by Fabric Partners. And an open ecosystem and extensive application programming interface (API) tools make the integration of other third-party tools possible.

While many OT systems are now connected to IT systems, recent research by Forrester finds that 40% of OT systems are still air gapped—that is, not connected to any other network. While one might assume that such systems are safe from cyber attacks, they still use IP-based control systems and administrators still install software updates provided by the manufacturer. This gives adversaries an opening to penetrate a system by infecting the updates through the vendor’s network. And while air-gapped systems may not contain sensitive data, infiltrations can cause costly disruptions and safety issues.

As a result, a next-generation firewall (NGFW) is required for air-gapped systems, and this must be accompanied with comprehensive cyber security tracking and reporting. Our NGFWs provide robust protection and industry-leading performance when inspecting both encrypted and unencrypted traffic. Our security management system provides single-pane-of-glass management and a variety of reporting tools. Our threat analytics and reporting system delivers analytics-powered cyber security and log management for maximum visibility and better detection of breaches. And our SIEM platform enables a coordinated and automated response to attacks.

With digital transformation and the need for business agility are creating increasing co-dependence between IT and OT, historically air-gapped OT systems and now frequently connected to IT systems. This convergence results in a far wider attack surface — and, since OT systems often have weak cyber security protection, it significantly increases organisational risk.

But if cyber security issues can be resolved, combining IT and automation networks into a single, secure, manageable, and converged environment offers rich possibilities for the future. Cyber security teams must have centralised visibility into all systems, the ability to segment the network according to business need, and centralised control of both wired and wireless networks.

The Fortinet Security Fabric covers the entire attack surface with a broad, integrated, and automated cyber security architecture that enhances cyber security and improves operational efficiency. Built on the foundation of next-generation firewalls (NGFWs) and artificial intelligence (AI)-powered threat intelligence, our Security Fabric provides seamless integration with dozens of cyber security tools.

As the industry moves in the direction of a Manufacturing-as-a-Service (MaaS) model, third parties have more access than ever before to corporate networks and OT systems. This complicates traditional ideas of trust and forces organisations to assess their protection against insider threats, including third parties. Organisations need robust protection against these threats, whether accidental or malicious, and whether they come from within the company or the partner network.

The integrated solutions of our Security Fabric provide a multi-layered defence against insider threats. Intent-based segmentation capabilities in our NGFWs allow organisations to segment their network intelligently in a world of dynamic trust. Our identity and access management solution leverage that segmentation in granting access to users on a need-to-know basis. Our data security and threat detection solution leverages user and entity behaviour analytics (UEBA) to identify anomalies in the expected behaviour of trusted users and entities that might indicate a compromised account. And we now use deception technology to deceive, expose, and eliminate attacks originating from internal and external sources.

Like most other industries, manufacturers are rapidly transitioning services to the cloud. Many now have cloud-based manufacturing resource planning (MRP) and enterprise resource planning (ERP) systems. These systems often pull data from both IT and OT systems for quick and effective decision-making, a process called digital twinning. Cloud-based solutions are also routinely used for services that impact customer experience. Protecting cyber security for these assets is critical, meaning that an organisation’s integrated cyber security architecture must extend from the data centre to OT systems to multiple clouds.

Our Security Fabric enables broad, integrated, and automated protection for the multi-cloud environment, ensuring consistent policy management, configuration management, and threat detection and response across the entire attack surface. We can also integrate our next-generation firewall (NGFW) to a virtual machine to capably protect cloud environments. Our web application firewall (WAF), available in several form factors, protects the application layer with in-line, artificial intelligence (AI)-powered threat intelligence.

Our cloud access cyber security broker (CASB) service provides insights into resources, users, behaviours, and data stored in the cloud with comprehensive reporting tools, and enables advanced policy controls to be extended to Infrastructure-as-a-Service (IaaS) resources and Software-as-a-Service (SaaS) applications. The cloud workload protection (CWP) tool enables cyber security and DevOps teams to evaluate their cloud configuration cyber security posture and identify potential threats resulting from misconfigurations.

Our key differentiators for Manufacturing Organisations

OT-Specific Solutions

Our Security Fabric provides an end-to-end, integrated cyber security architecture across IT and OT, from protection to detection to response. This enables operational and cost efficiencies and improves protection against fast-moving threats.

Cyber-physical Integration

Our Security Fabric enables manufacturing companies to consolidate networking, cyber security, and surveillance functions into a single pane of glass. Technologies like cameras and recorders, advanced threat protection, segmentation and authentication, and software-defined wide-area networking (SD-WAN) can be deployed as an integrated whole, with minimal hardware and license costs.

Ruggedised Hardware

We offer a broad selection of industrially-hardened appliances that provide complete cyber security protection in any environment, from the manufacturing floor to remote operations. Robust components and a fanless design protect the hardware in harsh conditions.

OT-specific Threat Intelligence

OT systems have unique architectural characteristics and face both generic and OT-specific threats. Backed by extensive experience with manufacturing customers, our threat intelligence platform provides robust, OT-specific threat intelligence to those who manage manufacturing systems.

Contact Us

To understand how CT can help you protect protect your plant and processes,
speak to us today.