Story image

Manufacturing automation and the cyber risks that go with it

09 Jun 2016

Increasing automation and interconnectivity in the world's industrial factories is unwittingly helping them become more vulnerable to cyber attacks, a statement from Allianz says.

Utilities providers in the Ukraine, Israel and Germany have been recent cyber attack targets, demonstrating that hackers are likely to go for industrial control systems (ICS) or complete shutdowns.

ICS is increasingly becoming a major vulnerability, numbering 295 ICS cyber attacks in the US last year. Allianz says these attacks could potentially result in physical damage such as explosions, as well as business interruptions from outside attacks, technical failure and operator error.

ICS processes were often designed in an era before cyber security, so they are inevitably more vulnerable, says Nigel Pearson, global head of fidelity at AGCS.

Allianz says similar risks plague the manufacturing industry as more companies adopt smart technology, including automation, robots and connected supply chains. The risks for insurers are now greater, but the opportunities are too.

“Continuous monitoring and predictive maintenance of automated production lines will reduce small scale frequency losses and increase equipment lifetime. Supply chains will be better monitored, more predictable and visible with improved tracking options and losses reduced from spoilage or expiration,” explains Michael Bruch, head of Emerging Trends at AGCS.

The problems arise in interconnected supply chains, as technical faults embedded into code are hard to detect and can often compound resulting in a fault that could last days. The cost to a company could number in the tens of millions, Allianz says.

This has a ripple effect across not only the company itself, but all its interconnected supply partners.

These risks can be managed by maintaining "High technical IT security standards of networks, software and mobile devices, staff awareness trainings, continuous process optimization and rigid management of access rights and guidelines must go hand in hand. To manage the residual risks, cyber insurance is becoming a core element of IT risk management for many companies," says Jens Krickhahn, cyber insurance expert at AGCS Central and Eastern Europe.

Allianz predicts future trends in digitization will see the increasing importance of intangible assets such as brand management, intellectual properly, skills and supply chain assets. To insure this, packages must include risk analysis, benchmarking and mitigation advice, the company says.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.
Red Box gains compliance boost with new partnership
By partnering with Global Relay, voice platform provider Red Box is improving the security of its offerings for high-value and risk voice data.