Manufacturing and Rethinking Identity Security: The Time Is Now

The SailPoint Blog
| Dana Reed | Happenings

As manufacturers modernize operations to keep pace with Industry 4.0 technologies, the need to reassess existing cybersecurity strategies is paramount. Factories have long been enticing targets for industrial espionage, intellectual property theft and even production sabotage. Now, as the line between digital and physical processes continues to blur, the threat of attack in this industry grows more real every day. And the consequences can be devastating.

61% of the world’s leading smart factories have experienced an incident. 75% of those incidents stopped production, and 43% stopped production for more than four days [1]

In this new realty, the importance of identity security — control over who has access to which data and systems, and how — cannot be overstated. A robust identity security platform can help safeguard your operations from the following threats.

Threat 1: Vulnerable supply chains

Supply chain attacks rose 42% in Q1 2021, compared to Q1 2020.[2] In March, for example, Molson Coors Beverage Company — the fifth largest beermaker in the world — was completely shut down by an attack on its supply chain. While details of the incident have not yet been disclosed, it occurred among a surge in malware attacks and ransomware activity across the globe. The company reports that combined with the aftermath of severe winter storms in Texas, the breach will delay as much as 2 million hectoliters of production and shipments, redistributing up to $140 million in EBITDA throughout the rest of the fiscal year.[3]

Defense: Automated access provisioning

An identity security solution with automated access provisioning ensures you give the right users the right amount of access at the right time — whether they are employees, contractors, vendors or supply chain partners. Onboarding new users is easy, as is restricting or removing access as roles change.

Manufacturing facilities were hit with 228 ransomware incidents in 2020, making it the second-most affected sector [4]

Threat 2: Rise of the machines

At the core of Industry 4.0 is the non-human element. Robotic process automation software can be used to automate time-consuming manual tasks, and smart machines can be connected to networks to build everything from phones to cars. The benefits include lower production costs, shorter production times and less waste. However, with no human voice to speak out when something look suspicious, unauthorized access to sensitive data can go unnoticed until it’s too late.

Defense: Complete transparency

An identity security solution that gives you a complete and continuous view of all user permissions, including non-human identities, can alert you immediately to potentially risky or abnormal access.

90% of large organizations throughout the world will have adopted RPA in some form by 2022 [5]

Threat 3: IT/OT convergence

Information technology (IT) and operational technology (OT) have historically functioned fairly independently in the manufacturing world. From the various physical connectors that transmit data to the different computing languages used to convert it, most IT and OT systems were not designed to communicate with each other. As this gap continues to narrow and these networks become more connected, the attack surface for cyber threats is expanding significantly.

Defense: Real-time intelligence

An identity security solution that offers immediate insight into all accounts, entitlements, policies, and actions across the enterprise allows you to build and maintain roles to help ensure access always adheres to security and compliance protocols.

50% of industrial assets in factories will be connected to some form of on-premise or remote data collection system[6]

Threat 4: Downplaying the importance of identity security

Defense: Attend our free virtual roundtable

Learn more about the critical role identity security plays in the successful adaptation of Industry 4.0 technologies. Join us on May 25 for a free, one-hour virtual roundtable discussion with leading subject matter experts in IT and security identity.

Virtual Roundtable

Manufacturing and Security: The Role of Advanced Identity Management

May 25, 1 PM EDT

Register now

[1] Wilson, G. (2021.) “61% of manufacturers have had a cybersecurity incident.” Manufacturing Global. https://www.manufacturingglobal.com/digital-factory/61-manufacturers-have-had-cybersecurity-incident

[2] Identity Theft Center. (2021.) “Identity Theft Resource Center reports 564 percent increase in individuals impacted by data compromises in Q1 2021.” https://www.idtheftcenter.org/identity-theft-resource-center-reports-564-percent-increase-in-individuals-impacted-by-data-compromises-in-q1-2021/

[3] Jones, D. (2021). “Molson Coors incident shines a light on industrial cyberattack vulnerabilities.” Cyber Security Dive. https://www.cybersecuritydive.com/news/molson-coors-cyberattack/597551/

[4] Miller, D. (2021). “Cybersecurity Concerns Grow in Post-COVID Era.” Automation World. https://www.automationworld.com/Take5/video/21366548/take-five-with-awcyber-threats-expand-postcovid19

[5] Gartner. (2020). “Gartner Says Worldwide Robotic Process Automation Software Revenue to Reach Nearly $2 Billion in 2021.” https://www.gartner.com/en/newsroom/press-releases/2020-09-21-gartner-says-worldwide-robotic-process-automation-software-revenue-to-reach-nearly-2-billion-in-2021

[6] Fretty, P. (2019). “Closing the IT/OT Gap.” Industry Week. https://www.industryweek.com/technology-and-iiot/article/21119430/closing-the-itot-gap