Patching: the unfinished security business of the manufacturing industry

The industrial sector is one of the largest, most diverse and changing segments of the global economy. It is also one of the main targets for cybercriminals. Industrial sites and factories continue to transform and digitize, which means that more and more critical assets and infrastructure are being connected to the Industrial Internet of Things (IIoT). This has raised security concerns about operational technology (OT) in manufacturing, which is increasingly at risk.  

IBM X-Force showed that the manufacturing sector has become the most attractive target for attacking operational technology, but why is this? A recent study found that, in 2022, 76% of manufacturing companies had unpatched high-severity vulnerabilities in their systems, providing easy access for cybercriminals. Out of these companies, nearly 40% suffered malware infections.  

What are the main difficulties in securing OT technology in this sector?   

OT systems were originally developed to operate in a separate environment isolated from digital space. However, this separation has dissolved as remote capabilities and technology were introduced to drive efficiency and reduce costs.  

Challenges faced in protecting OT effectively: 

• Minimal security expertise: these organizations often do not have much experience in OT cybersecurity and employees who manage remote connectivity often lack training in this area as they focus on the smooth running of operations rather than on critical security aspects.  

• Limited security awareness: employees may also be unaware of the importance of cybersecurity in this machinery and its OT systems or lack the knowledge to identify and report cyberthreats.  

• Old systems: many OT systems are old and use obsolete technology that makes them more vulnerable to cyberattacks.  

• Lack of visibility and control: it is common for organizations to lack visibility and face limited control over their OT systems, making it difficult to detect and respond to cyberthreats. This lack of visibility into the environment means vulnerabilities cannot be detected at thousands of potential access points.   

• Limited security testing and monitoring: industrial factories and companies in the industry may not have the resources to test and monitor the security of these systems regularly, which hinders threat detection and response.  

Patching as a measure to secure the sector  

Protecting these computers and their systems requires an endpoint security solution capable of defending against advanced threats, advanced persistent threats (APTs), zero day malware, ransomware, phishing, rootkits, memory vulnerabilities and non-malware attacks. WatchGuard EPDR combines endpoint protection technologies (EPP) and EDR capabilities that automate prevention, detection, containment and response actions capable of properly securing OT. WatchGuard EPDR, in turn, protects legacy systems starting on Windows XP and Server 2003 so that companies struggling to upgrade their systems can protect all of their assets. 

In addition, with its patch management module, it is possible to manage software updates and patches centrally as they become available, as well as automate these updates to ensure that there are no active vulnerabilities.  

Although vulnerabilities are the main security risk for this sector, there are other weak points. The industry needs to strengthen its cybersecurity with solutions specially designed for its needs.  

If you work in a specific sector, do not hesitate to visit our portal dedicated to different industries where we include the ideal technologies to protect equipment and help safeguard business continuity and productivity.