Get In Touch
Cover nov2024 104x80.jpg
Current Issue
section
logo

Cybersecurity in the Industry: Safeguarding Manufacturing Assets in a Digital World

By Nisha Shukla,

Added 31 July 2024

The panellists underscored the critical importance of cybersecurity in manufacturing, discussing risk management strategies, threat detection technologies, and regulatory compliance measures to protect sensitive data and assets.

During the panel discussion at the second edition of the ET NOW Tech in Manufacturing Summit, distinguished members from the manufacturing sector emphasised the use of cloud-based, mobile-centric technologies, advanced analytics, digital innovation, sustainability, and the crucial aspect of security. The panel included Anjaiah Surgi, SVP & CIO, Somany Impresa Group; Thameem Kamaldeen, MD - Signalling & Infra, Alstom India; Rakesh Raghuvanshi, Founder & CEO, Sekel Technologies; Siva Prakash, Regional Sales Manager - South India, Varonis Systems; and Santosh TG, CIO, Switch Mobility. The discussion focused on the critical importance of cybersecurity in manufacturing.

The session began with moderator Ashwani Mishra, AVP & Editor of Technology at 63SATS, summarising key takeaways from discussions with CIOs, CTOs, and CEOs in the manufacturing industry. These include the adoption of AI, ML, and IoT, management of large-scale data, promotion of innovation, ensuring sustainability, and addressing security threats, particularly ransomware, which has been a major concern in the sector.

Santosh TG began by emphasising the dual role of manufacturing companies as both producers and tech companies. He pointed out that artificial intelligence and cybersecurity are now major discussion points in boardrooms, a shift accelerated by COVID-19. He notes that budgets for cybersecurity are more readily approved compared to other areas, reflecting its critical importance.

Santosh highlighted several measures his company, Switch Mobility (an electric vehicle arm of Ashok Leyland), is taking to combat cybersecurity threats. These include ensuring that data in motion and at rest is encrypted, particularly since their vehicles collect vast amounts of data. Regular vulnerability assessment and penetration testing (VAPT) are conducted as health checks for systems to identify and mitigate vulnerabilities. They also emphasise timely updates and patches for systems through effective patch management. Additionally, the company addresses the human element in cybersecurity by educating employees about risks and safe practices.

Thameem Kamaldeen highlighted the significance of cybersecurity within the transportation industry. He pointed out that cyberattacks are increasingly targeting rail networks, which are vital to infrastructure. Alstom has responded by creating cyber-hardened software for train control systems, exemplified by the implementation on the Tel Aviv Metro in Israel.

He stressed the importance of integrating cybersecurity across the product lifecycle, from design to operation. Additionally, he mentioned the establishment of the Alstom Cybersecurity Academy and Centre of Excellence in India, aimed at training the workforce and ensuring strong cybersecurity practices.

Rakesh Raghuvanshi discussed the criticality of safety, security, and compliance. He particularly emphasised the human factor as the weakest link in cybersecurity. He demonstrated how data can be easily compromised through seemingly innocuous actions such as using Bluetooth devices or weak passwords.

He advocated for a multi-faceted approach to cybersecurity, including ensuring that emails are digitally certified to prevent spoofing. He also emphasised the importance of basic hygiene practices like segmenting networks and maintaining secure data transfer processes.

Anjaiah Surgi emphasised the growing complexity and interconnectivity of modern manufacturing, pointing out that the attack surface has expanded significantly. He discussed his company's strategy for reducing risks, which includes implementing network segmentation to isolate critical systems and using disconnected backup servers as protection against ransomware. Surgi also noted that securing budgets for cybersecurity has become easier, reflecting the increasing recognition of its significance in safeguarding business operations.

Siva Prakash discussed the complex nature of modern cyber threats, such as social engineering and identity-based attacks, and stressed the importance of focusing on data protection. He recommended that companies should not only segment networks but also prioritise understanding and protecting critical data. He also proposed a unified approach to data protection, which involves assessing who has access to data, ensuring access is necessary, and monitoring data usage to prevent unauthorized actions. Siva Prakash emphasised the significance of employing multiple strategies to effectively safeguard data and reduce risks.

Overall, the panel discussion underscored the multifaceted nature of cybersecurity challenges in the manufacturing sector. Panellists agreed that while technology adoption is crucial, the human element remains a significant vulnerability. Companies must therefore adopt comprehensive strategies that include technology, process improvements, and employee training to effectively protect against emerging cyber threats.