Manufacturing in the digital age

Author: Joe Peck

In this article, Eric Herzog, CMO at Infinidat, explores how to protect your enterprise with cyber resilient storage:

A significant transformation is underway in manufacturing enterprises, as traditional boundaries between Operational Technology (OT) and Information Technology (IT) systems rapidly dissolve. This convergence, driven as a result of ongoing digital transformation and the adoption of Industry 4.0 technology, is enabling manufacturers to achieve new levels of efficiency, productivity, and visibility across their operations.

However, as these systems become increasingly integrated, the risks – particularly in the realm of cyber security – are also escalating.

Understanding the changing landscape

Historically, manufacturers have relied on OT systems to manage their core physical processes and machinery on the factory floor, focusing on real-time control and automation. In contrast, IT systems have taken care of data processing, business operations, and enterprise resource planning requirements.

Initially, these systems would have been running independently, but in recent years, manufacturers have invested in more integrated manufacturing environments, where data flows seamlessly between shop floor equipment and enterprise systems. This integration is essential for efficiency. It enables real-time monitoring, advanced analytics, and data-driven decision-making, leading to optimised production processes and vastly improved business outcomes.

At the heart of a manufacturing business is the Manufacturing Execution System (MES). The MES connects production equipment with business applications, supporting the planning, monitoring, documentation, and control of manufacturing processes in real time. It also acts as a bridge to higher-level ERP systems and industrial automation platforms, providing comprehensive visibility and enabling enterprises to make informed, data-driven decisions. But herein lies the risk, because integration is also a somewhat double-edged sword. There are plenty of upsides, but the cyber security risks can grind an enterprise to a halt.

Integration upsides

Here are three of the immediate benefits realised through OT and IT system integration:

• Potential for real-time data analysis — Integrated OT/IT systems allow for immediate feedback and adjustments, reducing downtime and waste.

• Enhanced communication — Seamless data exchange between shop floor and enterprise systems leads to better coordination and a faster response to all issues.

• Optimised production — Enterprises can fine-tune their processes based on live data, improving quality and throughput.

Integration downsides

These operational advantages also expose manufacturers to additional cyber security threats. This question of cyber risk is for all industry sectors. The UK government’s 2024 Cyber Security Breaches Survey found that half of UK businesses experienced a cyber breach or attack in the past year, with the rate even higher among medium (70%) and large (74%) businesses.

Manufacturing enterprises are an especially attractive target for cyber criminals for multiple reasons. They rely on complex, interconnected supply chains. They tend to be running a larger number of legacy systems than other industry sectors and this can create security blind spots. They also provide a high-impact target, because a successful cyberattack can disrupt an entire supply chain.

Dealing with a cyberattack is also very costly. According to Make UK, an organisation representing manufacturers, nearly half of British manufacturers suffered cyberattacks in the previous year. A quarter reported losses between £50,000 and £250,000, and 65% experienced production downtime.

But the true costs of a cyberattack run much deeper, because many attacks involve data exfiltration. In these cases, sensitive intellectual property or customer information is stolen and potentially sold or leaked. Data breaches are one of the biggest security threats, and new research from Deloitte – conducted with the Manufacturing Leadership Council in 2024 – quantifies this. The study reported that 48% of manufacturers experienced at least one data breach in the past 12 months, at an average cost of £2.1 million per breach.

The devastating impact of storage targeted attacks

A ransomware attack on enterprise storage systems can cripple a manufacturer, potentially completely halting production processes as data and files become encrypted and inaccessible. Such an attack can also compromise the entire manufacturing operation, from design and engineering data to supply chain management information.

If key files are encrypted, the enterprise may not have access to product specifications, production schedules, and customer orders. Operations can be brought to a stand-still and the implications are far reaching, potentially also damaging long-term projects, customer relationships, and the business reputation.

Investing in cyber resilience is not just business best practice; it is mandated by law. The EU’s NIS2 directive (2024) sets strict requirements for cyber risk management in critical sectors including manufacturing. And although no longer bound by EU laws, the UK will be releasing its own regulations with the forthcoming Cyber Security and Resilience Bill, expected to be ratified later in 2025.

It is now widely accepted that, these days, it’s not a case of ‘if my enterprise will be attacked’, but ‘when will I be attacked, how often will I be attacked, and, most importantly, how quickly can I recover?’

Cyberattacks are occurring constantly. They have become an inevitable part of being in business. As the likelihood of an attack has evolved, so too have the techniques used, and completely preventing any form of cyber security breach is no longer realistic. Instead, manufacturers should focus on building cyber storage resilience into their enterprise storage and maximising their ability to detect, respond to, and recover quickly from attacks.

Six foundations for cyber resilient storage

A cyber resilient storage infrastructure to support manufacturing business continuity is built on six key principles:

1. Immutable snapshots — Rather than creating simple backups, manufacturers need secure, unalterable data copies taken at specific intervals. These immutable snapshots ensure that critical production and business data remains unchanged after creation, providing a reliable recovery source regardless of attack sophistication.

2. Logical and remote air-gapping — Effective cyber resilient storage requires logical isolation of immutable snapshots from network access. Air-gapping – implemented locally, remotely, or both – creates an additional protection layer that keeps recovery data segregated from potential infection vectors.

3. Automated detection and response — The speed of modern cyberattacks renders manual monitoring insufficient. Manufacturing companies need automated cyber security capabilities: Automated Cyber Protection (ACP) that integrates seamlessly with their existing security stack, including Security Operations Centres (SOC); Security Information and Event Management (SIEM); and Security Orchestration, Automation, and Response (SOAR) platforms. These systems should automatically trigger immutable snapshots when security incidents are detected.

4. Fenced forensic environment — Recovery from cyberattacks requires a completely isolated network environment for forensic analysis. This ‘fenced’ area allows for thorough data testing and integrity verification, ensuring that recovered data isn’t compromised before reintroduction to production systems.

5. Near-instantaneous recovery — Critical for manufacturing operations is the ability to retrieve clean data copies within minutes, regardless of dataset size. Manufacturing processes are particularly time-sensitive, making rapid recovery capabilities essential for minimising production disruption and financial losses.

6. Scanning for cyber threats in your storage estate — Leveraging advanced AI and ML technology, you can scan your storage at regular intervals to see if there is a cyber threat. This gives you two different advantages: First, by scanning on a regular basis, you may uncover a cyber threat. Then, you can report that to the cyber security elements in your data centre as an ‘early warning system.’ Second, if you have an attack, the ability to search your immutable snapshots for a dataset free from any cyberattack gives you much faster and more reliable recovery.

Road to proactive cyber storage resilience

The integration of OT and IT is transforming manufacturing and unlocking new efficiencies, but it is also heightening the cyber security risk. As cyberattacks become more frequent and sophisticated, manufacturers must adopt a proactive, resilience-focused approach to their cyber security and enterprise storage. This means investing in advanced, cyber resilient storage, with robust defences and rapid data recovery capabilities.

By prioritising these investments, manufacturing enterprises can reap all the benefits that integration offers, safeguard their operations, and protect data and intellectual property – even in the face of an increasingly hostile cyber threat landscape.

For more from Infinidat, click here.