Zero Trust and Automation: Safeguarding the IoT manufacturing revolution
Markus Nispel, CTO EMEA at Extreme Networks
The world of manufacturing is in the midst of an IoT boom, with many businesses seeing a rapid rise in ecosystems of new interconnected devices. In the last year alone, 78% of those surveyed in Fictiv’s State of Manufacturing Report said they’re evaluating new tech solutions for efficient product development.
The sector’s embrace of Industry 4.0 promises a wealth of benefits, including new opportunities for success. However, it also brings new possibilities of risk, particularly when it comes to cybersecurity.
Challenges with IoT growth
As the manufacturing industry continues to adopt IoT devices, like smart sensors, edge devices, robotics, etc., it must consider what these deployments mean for security.
Already, manufacturers experience high volumes of security breaches, accounting for 23% of all global security attacks according to the Verizon Data Breach Investigations Report (VDBIR). Unfortunately, more IoT devices means an expanding attack surface for manufacturers. Often, these devices lack robust security features, making them easy prey for would-be attackers. The same VDBIR report reveals that 73% of OT (operational technology) devices in manufacturing environments are “completely unmanaged,” while 49% of organisations don’t have sufficient cybersecurity expertise.
With more interconnected devices, more data flowing among them, and a lack of security features and expertise, it’s more important than ever for manufacturers to prioritise cybersecurity.
Traditional security methods need to make way for Zero Trust
Most notably, cybersecurity attacks lead to reputational damage, an enduring stain no company wants, coupled with financial damage through recovery costs, regulatory fines, and lost revenue due to production downtime. According to a recent Sophos Ransomware Report, manufacturers pay an average of more than £1.5 million to restore operations following a ransomware attack.
As cyber attackers become more sophisticated, traditional network security is no longer enough to safeguard manufacturing facilities. Enter Zero Trust, a security model that assumes no user or device is inherently trustworthy.
The Zero Trust model is founded on multiple principles:
- Least privilege – Users and devices are only given the access they need, which can help contain threats.
- Continuous validation and monitoring – Users, devices, applications, and sensitive content are continuously monitored and validated. This includes connection timeouts and user identity verification.
- Identity – Authentication and authorization for non-person entities, machine access, and machine-to-machine access are mandatory.
This is in stark contrast to traditional security methods, which take a secure perimeter approach to access control, using an outer layer of defence to protect a network and then assuming all users and devices are trustworthy once initially authenticated.
With manufacturers facing growing numbers of cyber threats, this familiar approach is outdated and unable to keep out bad actors. It’s time to transition to Zero Trust Network Access (ZTNA), which takes a two-pronged approach to both prevent attacks and mitigate breaches.
Zero Trust in action: proactive and reactive
ZTNA can first support manufacturers and their growing networks of IT devices by proactively preventing attacks.
Unlike traditional security defences, ZTNA dismantles the secure perimeter that inherently trusts devices, users, etc. Instead, it constantly evaluates and verifies everything in the network. This not only greatly reduces the available attack surface but also makes it easier to identify and block malicious activity.
A Zero Trust approach becomes even more effective when combined with other security strategies like using network Fabric for hypersegmentation, which divides the network into smaller, isolated segments. Should an attacker gain access to one part of the network, they won’t be able to progress any further, which prevents them from moving laterally throughout the network to cause further damage.
Network Fabric technology enables dynamic and automated network segmentation, allowing individual segments with their own specific rules and policies to be created and modified via a central management system. For manufacturers’ IT teams, this means segment rules can be automatically updated in real-time, adapting to new security requirements, user roles, workloads, and other network changes without requiring extensive human intervention.
Unlocking full potential with automation
With growing numbers of IoT devices making them vulnerable to attackers, manufacturers can expect big advantages from Zero Trust adoption—but the transition isn’t without its challenges and can be a significant change for organisations with outdated security policies in place.
To unlock Zero Trust’s full potential in the most efficient way possible, organisations need to turn to automation. By automating key aspects of ZTNA implementation and management, they can streamline processes, reduce human error, and enhance overall security efficacy.
Security policies play a key role in the Zero Trust model, helping enforce strict access controls and continuous monitoring. However, updating these policies can be a long process, as they must be configured for every user, device, and application interaction. Moreover, they must be constantly updated to adapt to changing roles, devices, and network conditions—while upholding strict security standards and seamless access.
Automated tools for policy configuration, like network Fabric, can help ease and improve Zero Trust implementation. With automation, security policies can be updated based on real-time data, user behaviour, device health, and threat intelligence to ensure only authorized users and devices have network access—all without an intensive manual configuration process.
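The principles listed earlier and the automated, health-driven policy updates described here can be sketched as a default-deny segment policy that is re-evaluated on every request. This is an added example, not code from the article or from any vendor product; the segment names, ports, timeout value and function names are constructed assumptions.

```python
from dataclasses import dataclass

SESSION_TIMEOUT_S = 900  # assumed re-authentication interval (constructed value)

# Explicit allow-list of (source segment, destination segment, port).
# Anything not listed is denied; "quarantine" has no entries on purpose.
ALLOWED_FLOWS = {
    ("sensors", "historian", 8883),
    ("robots", "plc-cell-a", 44818),
    ("engineering", "plc-cell-a", 44818),
}

@dataclass
class Device:
    device_id: str
    segment: str
    cert_valid: bool         # machine identity verified
    healthy: bool            # latest device-health signal
    authenticated_at: float  # time of last successful authentication

def evaluate(dev, dst_segment, port, now):
    """Continuous validation: runs per request, returns (allowed, reason)."""
    if not dev.cert_valid:
        return False, "identity"
    if now - dev.authenticated_at > SESSION_TIMEOUT_S:
        return False, "session-timeout"
    if not dev.healthy:
        return False, "posture"
    if (dev.segment, dst_segment, port) not in ALLOWED_FLOWS:
        return False, "no-policy"  # least privilege: no rule, no access
    return True, "allowed"

def apply_health_signal(dev, healthy):
    """Automation hook: an unhealthy device is moved to quarantine.
    A later healthy signal does not restore its old segment by itself."""
    dev.healthy = healthy
    if not healthy:
        dev.segment = "quarantine"
    return dev

def demo():
    now = 10_000.0
    sensor = Device("sensor-17", "sensors", True, True, now - 60)
    results = [
        evaluate(sensor, "historian", 8883, now),         # permitted flow
        evaluate(sensor, "plc-cell-a", 44818, now),       # cross-segment attempt
        evaluate(sensor, "historian", 8883, now + 1000),  # stale session
    ]
    apply_health_signal(sensor, False)
    results.append(evaluate(sensor, "historian", 8883, now))
    return results

if __name__ == "__main__":
    print(demo())
```
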
The future of manufacturing: IoT, Zero Trust, and automation
It’s clear that ZTNA has surpassed traditional security models in preventing attacks and mitigating breaches. The vast and complex IoT environments in manufacturing necessitate the use of automation to fully realise the true benefits of a zero-trust approach.
If manufacturers want to continue to embrace Industry 4.0 and the richness of an IoT-laden environment, they must also be prepared to contend with subsequent cybersecurity threats. The Zero Trust security model’s two-pronged approach to proactive and reactive defence can make the difference—made even stronger if automation is part of the equation.