During the pandemic, many forward-thinking manufacturers took shifts in consumer demands and in-person work patterns as an opportunity to modernize their factory floors and operational infrastructure. Now as supply chain challenges and inflationary forces come to the fore, the entire industry will be called to continue their innovative investments to make manufacturing processes speedier, more efficient, and equipped to compete in a new era. At the same time, they’re bolstering their cybersecurity measures to ensure that the IT technologies they’re marrying with legacy operational technology (OT) remains secure and dependable.
Not only have we observed these market trends anecdotally through conversations with AT&T customers, but they’re backed with some solid data as well. Released this week, the AT&T Cybersecurity Insights Report: Securing the Edge-A Focus on Manufacturing takes a close look at the innovation and security practices of the manufacturing world. Findings in the report show that manufacturers are leaning into edge implementation to improve operations on the assembly line and beyond—and putting considerable investment into security to ensure that these advancements bring as little risk with them as possible.
Edge innovation fuels factory advances
Manufacturers are among the furthest along in implementing edge use cases among the six verticals examined in the core 2022 AT&T Cybersecurity Insights Report. The industry is taking full advantage of 5G and IoT technologies to transform operations at the edge in groundbreaking ways, moving forward with initiatives such as smart warehousing, transportation optimization, intelligent inventory, and augmented maintenance.
The study showed that:
- 78% of manufacturers globally are planning, have partially, or have fully implemented an edge use case.
- 50% of manufacturers are at the mature stage of deployment for at least some of their edge network use cases
This puts manufacturing ahead of energy, finance, and healthcare verticals when it comes to edge adoption. Among all the edge use cases, video-based quality inspection ranked the highest priority for manufacturers for full or partial implementation. It also was scored as one of the lowest in perceived risk. Manufacturers are utilizing a combination of IoT sensors and cameras to pinpoint defects in real-time on the assembly line in order to discover root causes of defects more quickly, improve product quality, and reduce waste in the process.
For example, a car manufacturer may use edge devices to watch a car as it traverses the assembly line and if a windshield blade is not installing on one car because of variance in the windshield assembly they can quickly review footage to find exactly how many cars were impacted by the issue. The car maker can then fix the defects on each partially completed vehicle before they roll any further down the assembly line where the problem could be compounded, incurring rework, or waste at the end of the manufacturing process.
Edge computing offers reduced bandwidth, lower latency, and proximity of data, enabling companies to both leverage those IoT inspection devices and pair them with specialized AI-inspection models. The power of edge makes it possible to do this across multiple, global facilities, effectively handling the large number of files and formats typically found in a modern manufacturer’s workflow.
IT-OT convergence heightens certain security risks
The convergence of IT and OT technologies is a long-running trend in manufacturing, but the shift to the edge is accelerating the mash-up of legacy OT systems with IT networks, Internet-facing utilities, IoT devices, and more. This is taking smart manufacturing to a whole new level; however, it also amplifies the risk to manufacturers that a cyberattack against a single device in a warehouse could potentially take down an entire assembly line if proper security measures aren’t taken.
The top perceived attacks prioritized by manufacturers reflects that very real concern. The study showed that manufacturers judged the following as the top three most likely attacks to impact them:
- Attacks against user/endpoint devices (71.3%)
- Ransomware (69.4%)
- Attacks against server/data within or at the network edge (65.9%)
Interestingly, in spite of the high level of concern about endpoint attacks manufacturers reported a relatively low use of patching as a layer of security protection for edge deployments. Just 29% of participants selected patching as a control they’d use to help protect the components of their primary edge use case. This highlights some of the big challenges manufacturers face in IT-OT convergence situations. Like many IoT devices and embedded OT systems that are now connected into the IT network (and often to the Internet at large), video cameras that manufacturers use on the factory floor may not be supported by timely updates and patching can be logistically difficult. These logistical concerns about patching become even more of a challenge for other connected manufacturing equipment that may not be easily patched due to a plethora of operational constraints.
As such, security architects for manufacturers will need to consider more compensating controls to make up for known weaknesses in areas like patching.
Manufacturing ramps up security investments
Currently, manufacturers judge that the cybersecurity controls that will have the highest effectiveness and efficiency are intrusion and threat detection, device authentication, and data leakage monitoring. The overall top-rated control for effectiveness cited by manufacturers was network access controls and associated Zero Trust Network Access (ZTNA)—however, it was also one which was judged to have the highest total cost of ownership. Given the dynamic and still developing nature of IT- OT convergence, network access control is likely nascent and in limited use at many of these organizations.
The good news is that manufacturers are putting considerable investments into securing their edge use cases in the coming three years. The study found that well over half of manufacturers are investing between 11% - 20% of their total edge use case budget in security controls and other cyber risk management measures. This ongoing investment will play a considerable role in determining the long-term success of new edge innovations for manufacturers in the years to come. Check out the full report here.