Cyber security is not a new topic, but it has been growing as a central factor in risk management in the industrial sector. Especially process plants (food, chemicals, forest products, tissue etc.) are vulnerable to cyber-attacks from known and unknown sources. Successful cyber-attacks can lead to loss of production, unplanned downtime and disturbances to cash-to-order processes and the supply chain. The impact is not just limited to production processes, however.
Building technology, such as remotely controlled access control systems and surveillance networks can be surprisingly vulnerable. Understanding how cyber security affects production and overall productivity needs to be understood, managed and protected accordingly.
Combine Operational Technology and Information Technology management
True industrial digitalisation is only enabled by understanding how to combine Operational Technology (OT) and Information Technology (IT) to create high quality, secure and resilient production. But without a well-thought-out strategy regarding Cyber Security, the risk that cyber-attacks will occur sooner or later increases.In recent years, we have seen several examples of what cyber-attacks can lead to. One of the most infamous is NotPetya, a targeted cyber-attack on Ukrainian business interests, which led quickly to the worldwide suspension of a number of large companies’ operations. The amount of ransomware attacks has been increasing dramatically over in the last five years and is expected to continue to rise at the same rate. Rapid digitalisation and technological development are transforming the industrial processes, and the widespread trend for pervasive connectivity has driven a convergence between OT and IT systems.
This has dramatically changed the cyber security requirements, resulting in the need for reliable architecture that takes care of the overall security from design. Another big future challenge is the potential hazards and risk when IT-security meets safety of machinery.
When different systems are connected, we can no longer rely on the security of each individual system.
The business must have a clear process for risk management regarding cyber-threats