Cybersecurity risks in industry and manufacturing are increasingly complex and with a tendency to grow, making it urgent to equip PMEs with the right tools for the dynamic environment of Industry 4.0. Cyberattacks are among the top five global risks, becoming the new standard in sectors such as energy, healthcare, and transportation. 60% of PMEs that suffer a cyber-attack end up losing their business within six months.
ISQ will join the European Erasmus+ Encrypt 4.0 Project, a joint initiative to create a taskforce for cybersecurity in the European industry, where it is leading the development of the Cybersecurity Risk Matrix for companies in the manufacturing sector, within the framework of Industry 4.0.
“This matrix will enable a systematic overview of the cybersecurity risk landscape and the creation of accurate risk profiles, in real time, to enable the adoption of preventive measures and to establish corrective measures, in smart factories. ISQ will also develop online cybersecurity training labs as well as a document collection tool with real cases of cyberattacks that will be fed and commented in an open regime“, explains Pedro Matias, president of the ISQ Group.
Cyber-attacks are among the top five global risks, according to the World Economic Forum. Cybersecurity Ventures, a leading global cyber-economy company predicts that, globally, cybercrime-related impacts in 2021 will be greater than all natural disasters in one year.
In this context, cyber-attacks on critical infrastructure are ranked as the fifth highest risk in 2020 by the World Economic Forum’s network of experts and have become the new standard in sectors such as energy, healthcare and transportation. However, manufacturing is experiencing increasing cyber-attacks. Organized cybercrime is on the rise with the increasing sophistication of darkweb tools that makes their services cheaper and more easily accessible.
“But the defense capacity of PMEs is generally weaker compared to large companies and figures suggest that only 14% of affected PMEs recover without external assistance,” adds Pedro Matias.
The National Cyber Security Alliance shows, for example, that 60% of PMEs that suffer a cyber-attack lose their business within 6 months and that they are much more vulnerable due to connectivity in Information Technology (IT) and Operational Technology (OT) systems, a result of the Industry digitization.
Manufacturing companies, in an attempt to maintain a competitive edge by adapting to Industry 4.0 practices, sporadically invest in control systems and external consultants, but lack an integrated approach to cyber risk management. These efforts fail when trying to effectively address rapidly evolving cybersecurity threats, because most manufacturing systems have traditionally been developed to focus on workers safety and high performance, not cybersecurity. Historically companies were primarily concerned with protecting their OT environment often neglecting IT security.
In this context, Andreia Morgado, project manager, explains that “the Cybersecurity Risk Matrix will outline key risk indicators that will be easily applied to real-time data. The matrix will allow companies to not only design a long-term cybersecurity strategy, but also quickly run daily reports that will show the actual risk levels for processes at a given point in time. This is of utmost importance in the manufacturing environment as it keeps production running which would otherwise represent an irreparable impact with huge financial losses.”