Smart Factories adopt Industry 5.0 technology relying on the multiple advantages that we have discussed previously. As bright as the future sounds like, with people and machines working together to create personalized products, there is an important matter that needs attention: data security in the manufacturing industry.
Cyber threats for Smart Factories adopting the Industry 5.0
According to the 2018 Cyber & Data Security Risk Survey Report by Marsh & McLennan Agency on small and mid-sized organizations in North America, “almost 60% said they consider cyber to be one of the top five risks they face”. Industry 5.0 brings connectivity and big data collection via the Internet, making them attractive to cybercriminals.
Malware targeting ICS
Do you remember in the old movies the scene with a spy breaking into a plant to steal secret documents? Since Industry 4.0, industrial espionage got much easier. Industrial Control Systems are now connected through networks not only to the enterprise system but also to third parties, such as suppliers. The risk is not in the connectivity itself, but in the outdated ICS layered with new IoT solutions. A new class of malware targets exactly those security breaches to obtain industrial know-how.
Attacks on IoT devices
Hackers don’t always target intellectual property. Production metrics are just as valuable and easier to obtain. Most IoT devices have low processing power, they rely on the network. Therefore, manufacturers find it unnecessary to invest in sophisticated end devices that collect data. From economical or productive reasons, they prefer devices that insufficiently secure proofed. Such IoT devices are easy to break through the networks to which they are connected.
Keeping data in the Cloud
One of the technologies that make Industry 5.0 possible is the Cloud. It brings manufacturers great advantages: cost reduction, flexibility, integration, collaboration, scalability. There is, however, a dilemma over data security. While cloud service providers ensure multiple data protection layers, there is no direct control over who has access and what happens to that location, physical or virtual. On-premises systems are also risky, as we’ve seen above, but having the situation “in your own hands” makes prevention easier. At least in theory.
Photo credit: Pixabay
Solutions to increase data security for the 5.0 technologies
Facing all these threats is not enough reason to discharge the adoption of Industry 5.0 technologies. There are solutions to protect sensitive data and more will emerge, as know-how advances. Here is a few trending in 2019:
We just saw how not having direct control over the data kept in the cloud may represent a risk. A solution to that is for manufacturers to have their own private clouds with all the benefits, minus the risk of a public cloud. There are three main ways to develop such a cloud:
- Build it internally using vSphere technology;
- Custom-build the cloud environment using converged software stacks;
- Use OpenStack to build an internal cloud infrastructure.
For those still not confident enough to place sensitive data on a cloud, there is the hybrid cloud. It combines on-premises solutions with public and private clouds. This way the data breach risks are disseminated. The manufacturer decides what and where to keep, who and how has access.
This represents the next stop in cloud technology. As the name explains, it means that a company can use more hybrid clouds to disseminate risks even further. Users will be able to control and run data, workload or an application on the cloud they choose: public, private, and hybrid, according to their technical needs.
Own digital application platforms
Platform as a Service is no longer novelty and continues to develop in 2019. Serverless computing that spans clouds offer the advantage of control and independence of a particular server. Thanks to containers and open source systems like Kubernetes (K8s), companies will develop better adapted, more secure business apps.
Update older systems with new, secure software
Replacing the entire technology can prove too costly for manufacturers. In the same time, they cannot afford to remain vulnerable in front of cyber-attacks. Another way to increase the security level is to put in place modern, customized software on top of the old systems. Keeping what already works ensures continuity, with a plus of data security.
Internal security protocols
No solution is effective by itself. Internal security measures are still needed. Some refer to the elements we tend to oversee as risk: the human element. Leaving malevolence aside, the simple lack of attention or knowledge can lead to severe data leaks. There are a few measures that can prove very useful:
- Prioritize the security levels of data. Set access protocols according to the importance of those data.
- Segment the enterprise networks. Make valuable data available on separate sections with corresponding protection.
- Involve the entire supplying chain (both suppliers and vendors) in your security measures. Make sure they also apply your data protection initiatives.
- Periodically train the employees on security measures, how to recognize and prevent cyber-attacks.
Since the Internet became part of everyday life, nobody is 100 % safe from cyber-attacks. Still, this is no reason for manufacturers not to adopt Industry 5.0 technology. As long as data security is a top priority of their business strategy, they can reap all the benefits.