SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

The cybersecurity risks that come with re-onshoring Australian manufacturing

Article Forescout senior director of systems engineering Steven Hunter.

The global economic impact of COVID-19 has changed the Australian manufacturing industry forever. Australian supply chains were disrupted as organisations became unable to source materials that were essential for domestic manufacturing and consumption. This highlighted the importance of Australian supply chains, with local manufacturers forced to swiftly pivot to meet demands.

Australian manufacturing has gone from 30% of GDP to approximately 6% in 30 years. COVID-19 has forced a large percentage of manufacturing to come back onshore, and the rapid adaptability of these manufacturing companies prove that Australia is capable of ramping up the sector.

The Australian government is investing $1.5 billion via the Modern Manufacturing Strategy that was announced in the 2020-2021 federal budget. The government is also providing a further tax incentive that will write off the value of assets for businesses, with more information yet to be released.

The Australian manufacturing industry is set to undergo rapid digital transformation, with the funding helping to bring manufacturing back onshore, modernise and improve operations, as well as increasing the opportunities with new technology, which could include investment in the Internet of Things (IoT), for example.

The pandemic has increased the relevance of the fourth industrial revolution, with technology being a higher priority at a board level. As manufacturing is re-onshored in Australia, boards must ensure that they prioritise cybersecurity from the start.

As technology such as IoT, robotic process automation (RPA) and artificial intelligence (AI) reshapes the manufacturing landscape, organisations are simultaneously put at an increased risk of a cyberattack.

The convergence of traditional IT with operational technology (OT) and IoT means previously air-gapped systems are now connected, giving cyber-criminals more entry points to a company's network. This creates more risk across the board.

Additionally, with cyber-attackers aware of the increased funding going into Australian manufacturing, the potential risk of a cyber-attack is multiplied. This increased connection and digitisation, combined with increasingly sophisticated attack types, make the threat landscape even more dangerous.

If OT systems are compromised, it can carry significant consequences such as stopping production or sabotaging the finished products. If the products themselves contain electronic or digital components, cyber-criminals could insert malware directly into them, affecting end users.

It is imperative that, as manufacturers and supply chain partners re-onshore and modernise the industry through the application of emerging technology, all businesses treat security as a top priority. The alternative is a disrupted supply chain with costly delays, potentially faulty products and a loss of stakeholder confidence.

Addressing the manufacturing risk comes down to understanding and complying with industry standards and regulations, and security best practices. For a manufacturer where there may be no specific industry standard, look to the recommendations made for other OT operators, like the energy sector, for guidance on suitable practices.

The number one weapon against these manufacturing threats is visibility. It's essential to be able to identify, classify and control all connected devices, including IT and OT assets, both managed and unmanaged.

With visibility in place, organisations can see the threats coming and act to mitigate them sooner.

Follow us on: