The risks and sideeffects of digitization: Securing and protecting Industry 4.0
IT and OT systems are the foundation of the modern business world, connecting companies, institutions, societies, and economies with each other. Machines and robots are at work around the clock and are networked to a very high degree – both with each other and with the company’s IT system. For industrial companies, it is of particularly high importance to have protective mechanisms in place for what is known as operation technology (OT). Ensuring security in OT is subject to a very special set of framework conditions. The primary focus here is on non-stop operations: 24 hours a day, seven days a week, 365 days a year. Any actions taken occur in real time, which makes it difficult or even impossible to make any changes to the systems. There is also the fact that hardware and software are used for comparably long periods in production, in stark contrast to other applications.
Attacks on production operations can have serious consequences. For example, an aircraft manufacturer was forced to stop production for over a week. A global, publicly listed aluminum producer had to pay an estimated EUR 64.9 million to restore operations after a cyber attack using ransomware, not counting the loss of production and earnings, which came to over 80 percent.
Disarming cyber safecrackers
Cyber attacks and incidents of this kind make it quite clear that what is needed is a holistic, well thought-out security concept that includes both OT and IT. The digitization and interconnectedness of IT and OT open the door for attackers to cause damage in both settings.