What’s the key to long-term sustainability and success as a manufacturer? Some would argue that it’s trust. If a manufacturer gains the trust of the users of its products—and keeps that trust over time—it can go a long way to weathering nearly any storm that might come its way.
But is trust a two-way street? At least when it comes to cybersecurity and the protection of valuable intellectual property and technological assets, experts agree that the answer is a resounding “No!” In fact, cybersecurity experts have three words of advice for modern manufacturers: “Trust no one.”
As author Ramsés Gallego notes in a recent Smart Industry article, “[d]igital transformation has brought us AI, digital twins, and IoT—all built for productivity—but when trust is misplaced or unverified, the consequences can be severe and expensive.”
In the past, information technology staff have set up security measures as if a manufacturer’s internal network is a castle to be defended. In this type of model, “anyone or anything inside the perimeter was assumed safe,” points out Gallego.
Unfortunately, such a model is now outdated, because “but today’s factories are no longer isolated silos of machines.” Instead, “[m]anufacturing has become a hyperconnected ecosystem where IT and OT systems share data, AI automates decisions, digital twins simulate entire operations, and third-party devices plug directly into production lines. Every connection is a potential entry point, and attackers know it.”
That’s why “[m]anufacturing is now the most targeted industry for ransomware, accounting for up to 29% of reported attacks, according to CheckPoint Research. And this isn’t just about data loss—when OT systems are compromised, the impact is often physical and immediate. Think shutdowns, broken supply chains, or even nationwide disruption,” notes Gallego.
What approach should manufacturers take to protect themselves? Experts now recommend a zero trust cybersecurity framework. And it’s based upon a simple principle: “never trust, always verify.” The assumption underlying this framework is that “everything—human or machine—can be compromised.”
Does this seem cynical? Perhaps, but Gallego concludes that it’s “the only safe assumption…in an environment where uptime and safety are paramount.” Moreover, it’s important to remember that, when it comes to manufacturing systems, “the consequences [of a cybersecurity breach] can be severe, threatening worker well-being, product quality and even public safety.”
So, what does a zero trust framework look like for a modern manufacturer’s IT team? “Remember learning the question words at school: who, what, when, where, why, which? In a zero-trust environment, every user, device and application must answer those questions, every time, before they’re granted access.”
Managing such an approach is no simple task. Modern manufacturing facilities can include “thousands of interconnected systems controlling machinery—from factory robots, to power grids, to all the hardware and software that monitors and controls devices, processes and infrastructure.”
Finding the right people to properly secure manufacturing networks is paramount. Effective cybersecurity implementation may require manufacturers to add more technology experts to their teams. Personnel with hands-on experience with advanced automation technologies used in manufacturing will play a key role.
It’s critical for manufacturers to hire highly skilled workers that can manage cybersecurity risks, in addition to operating, maintaining, troubleshooting, and repairing the advanced automation systems that are being implemented. Unfortunately, due to the ongoing “skills gap” issue in the manufacturing sector, finding highly skilled workers remains a significant challenge.
How can manufacturers find the workers they need? And how can they be sure that workers have the hands-on skills they need to succeed in the modern workplace? Today, more and more manufacturers are looking for workers with industry-standard certifications that prove they have the skills employers need.
For example, if workers possess a certification from the Smart Automation Certification Alliance (SACA), employers can feel confident they’ve already proven they have the knowledge and hands-on skills needed for working with advanced smart automation technologies. SACA has been hard at work collaborating with industry leaders to develop a wide variety of industry-standard certifications that will help employers find workers who possess the advanced connected-systems skills they need to take their businesses to the next level. Be sure to check out SACA and all it has to offer!
