If we are indeed at the full outset of Industry 4.0, the fourth industrial revolution, initiatives such as smart manufacturing will not truly succeed without keen awareness of new cybersecurity risks introduced by IT/OT connectivity and advanced technologies. It’s incumbent upon cybersecurity leaders to understand a new array of threats introduced by artificial intelligence, digital twins, machine learning, and the like, and proactively develop well thought-out policies and procedures as well as deploy technology to ensure these systems are available and reliable.
This is our opportunity, for once, to introduce cybersecurity defenses at the outset of this movement, rather than react down the line once the proverbial horse has left the barn—or the barn burns down. Once again, we’d find ourselves forever trailing in a game of chase against adversaries.
If our goal is to leverage the productivity and quality gains that AI and its cohort technologies promise us, as cybersecurity leaders we must act now. Here’s some food for thought on how to get started.
Smart factories are the full embodiment of cyber-physical systems: highly digitized and analytical, characterized by advanced technologies such as machine learning that can rapidly ingest and understand large datasets and produce outputs and advice that help efficiently automate manufacturing processes.
According to Rockwell Automation’s 9th annual State of Smart Manufacturing Report, demand for investments in generative AI applications within industrial automation environments is expected to be high. It is also expected to deliver the second best return on investment behind cloud computing and software-as-a-service investments, according to respondents.
Smart manufacturing can also help manufacturers fill in labor shortages or gaps in critical skills by investing in automation and introducing advanced technologies such as machine learning.
This is here to stay. But these smart devices, giant data-hungry large language modeling tools, and automations responsible for fine-tuning your manufacturing processes means that a once-isolated traditional factory is now plugged into the public internet (hopefully indirectly) somehow somewhere. Lax configuration, poor passwords, or one forgotten patch can introduce exposures that were not a reality a decade ago.
A new cybersecurity approach is required, one that first recognizes the overall cyber ecosystem with enhanced complexities around securing these technologies that make smart manufacturing and factories purr. Advanced technologies are much more than just ChatGPT and other generative AI apps. Machine learning is a staple in many industries, and is being applied to smart manufacturing in many new ways. CISOs and other security leaders must understand, for example, what data models are used to train large language models and where this data emanates from, and the integrity of the data and algorithms fed into them to improve their accuracy from dynamic plants and continuous operations.
Commercial and open-source models are being used across the manufacturing industry, and it’s crucial to scan these models for vulnerabilities. With machine learning applications, risk must be mapped out. Are the prompts your users entering into generative AI apps malicious? Do your large language models leak data that includes proprietary business information, source code, or other intellectual property? Are you aware that advanced LLMs that may be indispensable to your business must be trained with production data, unlike other traditional instances that can use synthetic data to stress test apps?
If you cannot answer these questions, now is the time to be proactive.
The first step is—as always— asset visibility and management. Cyber-physical systems require a complete mapping of the environment and known inventory of all assets, which then enables the rest of your security program and overall cyber ecosystem. Visibility fuels how you manage exposures, lock down remote, illicit access to your IT and manufacturing networks, and much more.
Exposures, for example, include more than known and unknown vulnerabilities. Having potent visibility into cyber-physical assets ensures you know which devices (if any) are directly connected to the internet, whether there are unpatched vulnerabilities, and whether they’re communicating insecurely online, via open ports or without the benefit of a VPN and firewalls or secure remote access solution.
Insecure connectivity, meanwhile, is the byproduct of organizations’ growing adoption of remote access technologies and ease of network connectivity, which deliver significant productivity and cost benefits by enabling first- and third-parties to access and control cyber-physical systems from anywhere around the globe.
This phenomenon is fueling the need to connect previously isolated OT assets to the public network, thereby increasing the risk of operational disruption and costly downtime, reputational damage, and regulatory non-compliance.
OT assets, which are the heart of manufacturing environments, are thereby exposed to the internet for remote updates and professional service administration. Access to these devices must be well controlled if not locked down, especially if they contain unpatched vulnerabilities that have known exploit code available in the wild.
This brings us to threat detection, which is a core defense in your cyber ecosystem protecting manufacturing environments. Ransomware and supply chain attacks have factories reeling , and advanced attackers are keen to target data-rich environments where AI/ML, digital twins, and augmented reality are foundational technologies.
AI/ML and other technology vital to smart factories and smart manufacturing will soon be pervasive and foundational. Security leaders must be proactive about understanding these environments, the additional exposures they introduce, and be proactive about securing them. Start with these six points:
Make it a priority to map your connected cyber-physical systems, gain visibility into the overall asset inventory, their connectivity and exposures.
Gain an understanding of the integrity, data path and vulnerability of your language models being used to train machine learning and AI apps
Scan those advanced models for vulnerabilities
Ensure users aren’t leaking sensitive data from generative AI apps
Doubly ensure malicious prompts are blocked from GenAI
Lock down and control remote connectivity to your smart factory from the Internet
Jim LaBonty is the retired Director and Head of Global Automation Engineering for Pfizer's Global Engineering & Technology division. In this role he primarily focused on establishing the strategic direction and harmonizing control system solutions across 42 manufacturing sites globally, including securing the development of Pfizer's COVID-19 vaccine. Previously, LaBonty held senior engineering and system architect roles at Rockwell Automation, Eli Lilly & Company, and Eastman Kodak Company. He now leverages his decades of experience to help firms with their corporate OT cyber strategy and global program execution, with the goal of protecting manufacturing.
