Impact of cyber attacks on manufacturing sector
The manufacturing industry was one of the sectors most affected by cyber attacks in 2023. In particular, the industrial and manufacturing sectors were frequently targeted by ransomware and data breaches. Attacks with a massive impact, including production delays, financial losses and reputational damage.
Hackers did not sit still this year either, and several renowned Belgian manufacturing companies unfortunately fell victim to cybercriminals. This constant threat within a complex, 24/7 operational environment puts considerable pressure on IT departments.
IT & OT Convergence: challenges as well as opportunities
"Over the past decade, numerous manufacturing processes have been optimised, digitised and automated wherever possible. With the merging of IT and OT systems, the manufacturing sector is experiencing significant cybersecurity challenges" confirmed Steven De Mot, Business Development Manager at Fortinet and our first speaker of the day. "A robust OT security strategy is essential to ensure that these threats do not outweigh the many benefits."
During his presentation, Steven zoomed in on three specific challenges facing manufacturing companies today:
- Increasing complexity: The 'merging' of IT and OT networks makes systems more complex and difficult to manage, which logically leads to new security risks.
- Advanced malware: Targeted ransomware attacks such as LockBit which can significantly disrupt production processes with major financial consequences.
- Regulation: With the introduction of NIS2 guidelines, among others, your current security protocols need to be taken firmly in hand.
Tip: use existing standards
Steven De Mot emphasised the use of international cybersecurity standards during his presentation. Like IEC 62443, for example. This standard describes the requirements for improving the digital security and safety of OT/ICS/SCADA environments. A visual representation of guidelines with four categories:
- General: General principles
- Policies & Procedures: Specific policies and procedures
- System: Security of systems and networks
- Component: Focus on individual components and devices (hardware & software)
What about the new NIS2 directive?
You NIS2 guideline expands cybersecurity obligations and apply to a wider range of sectors than before, including the manufacturing sector. It requires companies to take appropriate technical and organisational measures to secure their networks and information systems.
The steps to take for your organisation are:
- Evaluate: Assess your current security measures & implement improvements where necessary.
- Protocols and processes: Update your current security protocols or opt for more robust processes in risk and incident management.
- Training & awareness: Increase the cyber awareness of your employees and thereby strengthen the first line of defence against cyber threats.
"Maximum security thanks to MDR & XDR"
Joris Swaelen, our Service Solutions Manager, was the second speaker of the day. He provided attendees with valuable tips to prevent recent ransomware attacks, such as Lockbit, as much as possible in the future. "Together with SentinelOne, VanRoey offers a Managed Detection and Response (MDR) and Extended Detection and Response (XDR) service, which includes 24/7 threat monitoring, detection and response. This service is specifically designed to respond quickly to incidents and minimise the time between identifying a threat and resolving it."
Need to call on our expertise?
Are you curious about the specific products Fortinet offers for industrial environments? Or would you like to call on our IT expertise like many other leading manufacturing companies? Let us know!
vat no.*
share this post:
