Dual expertise in cybersecurity and OT systems is still rare, but it is growing.

It enables industrialists, particularly in the agri-food sector, to deploy effective protection strategies. This is the beginning of a large-scale change, which will have short-term consequences on the machinery specifications.
Industrial cybersecurity is too often approached in a top-down way, starting from IT systems and moving through their connections to machine components. In doing so, it forgets entry points (unlocked USB ports, IoT sensors, etc.) that are ideal targets for attackers.

Rethinking Cyber

It also too often neglects the specificities of OT systems, such as continuous operation, which makes it impossible to scan installations and complex updates.

Since IT and OT systems converge in factories, cybersecurity must follow. This is exactly what we observe, with the development of specific OT offers among cybersecurity specialists, and the recruitment of OT specialists by CISO of large industrial groups.

“Business leaders and industrial production managers expect tools first. It is up to us to equip ourselves with the necessary skills so that these tools are adapted to the constraints of the production environment,” explains Benjamin Leroux, marketing manager at Advens.

«Our company was born because one of our founders, in charge of a Security Operations Center (SOC), could not find the tool he needed on the market», adds Marc Coutelan, Sales Director France of Nozomi Networks.

Increasing involvement of equipment manufacturers

For Marc Coutelan, the protection of production lines is a collective work: «the attackers will always outnumber us. It is in our best interest to share information and move forward together.” Benjamin Leroux joins this vision: «Geppia is one of the actors that promotes these exchanges. Our discussions with user companies, machine manufacturers and automation manufacturers are generating new ideas in different areas, including cybersecurity financing.”

Will the maintenance of safety be part of the services that manufacturers of process and packaging machines will have to offer tomorrow? No doubt it is. Until then, OEMs are urged to integrate cybersecurity from the design stage, systematically disable unused services, and secure their machines with newer operating systems and controllers.

According to the European Union agency Enisa, a cyber attack results in an average 21-day production shutdown. That is already a lot. But it often takes 12 to 14 months to return to optimal operating conditions, according to data collected by Advens. “Our information work is starting to pay off,” concludes Benjamin Leroux, “we are seeing more and more agri-food companies launching cybersecurity projects.”