sb-au logo
Story image

The cybersecurity risks that come with re-onshoring Australian manufacturing

20 Nov 2020

Article Forescout senior director of systems engineering Steven Hunter.

The global economic impact of COVID-19 has changed the Australian manufacturing industry forever. Australian supply chains were disrupted as organisations became unable to source materials that were essential for domestic manufacturing and consumption. This highlighted the importance of Australian supply chains, with local manufacturers forced to swiftly pivot to meet demands.

Australian manufacturing has gone from 30% of GDP to approximately 6% in 30 years. COVID-19 has forced a large percentage of manufacturing to come back onshore, and the rapid adaptability of these manufacturing companies prove that Australia is capable of ramping up the sector.

The Australian government is investing $1.5 billion via the Modern Manufacturing Strategy that was announced in the 2020-2021 federal budget. The government is also providing a further tax incentive that will write off the value of assets for businesses, with more information yet to be released.  

The Australian manufacturing industry is set to undergo rapid digital transformation, with the funding helping to bring manufacturing back onshore, modernise and improve operations, as well as increasing the opportunities with new technology, which could include investment in the Internet of Things (IoT), for example.

The pandemic has increased the relevance of the fourth industrial revolution, with technology being a higher priority at a board level. As manufacturing is re-onshored in Australia, boards must ensure that they prioritise cybersecurity from the start.

As technology such as IoT, robotic process automation (RPA) and artificial intelligence (AI) reshapes the manufacturing landscape, organisations are simultaneously put at an increased risk of a cyberattack.

The convergence of traditional IT with operational technology (OT) and IoT means previously air-gapped systems are now connected, giving cyber-criminals more entry points to a company’s network. This creates more risk across the board. 

Additionally, with cyber-attackers aware of the increased funding going into Australian manufacturing, the potential risk of a cyber-attack is multiplied. This increased connection and digitisation, combined with increasingly sophisticated attack types, make the threat landscape even more dangerous.

If OT systems are compromised, it can carry significant consequences such as stopping production or sabotaging the finished products. If the products themselves contain electronic or digital components, cyber-criminals could insert malware directly into them, affecting end users.

It is imperative that, as manufacturers and supply chain partners re-onshore and modernise the industry through the application of emerging technology, all businesses treat security as a top priority. The alternative is a disrupted supply chain with costly delays, potentially faulty products and a loss of stakeholder confidence.

Addressing the manufacturing risk comes down to understanding and complying with industry standards and regulations, and security best practices. For a manufacturer where there may be no specific industry standard, look to the recommendations made for other OT operators, like the energy sector, for guidance on suitable practices. 

The number one weapon against these manufacturing threats is visibility. It’s essential to be able to identify, classify and control all connected devices, including IT and OT assets, both managed and unmanaged. 

With visibility in place, organisations can see the threats coming and act to mitigate them sooner.

Story image
Cyber Security Cloud launches WafCharm on Microsoft Azure
Already available to more than one million Amazon AWS users around the world, this launch provides Azure users with AI operation of Web Application Firewall (WAF) rules, expanding WafCharms availability to 60% of the world's cloud users. More
Story image
Voice phishing attacks on the rise, remote workers vulnerable
There is an increase in voice phishing attacks, where hackers use existing employee names in attempt to trick victims into sharing login credentials and data by phone.More
Story image
DigiCert revamps PKI management capabilities for remote work
The revamp provides new ways of delivering certificate automation that can authenticate employees and devices, and encrypt data over networks.More
Story image
Cyber-attackers target COVID-19 vaccine supply chain in sweeping phishing campaign
IBM’s Security X-Force, a task force created in the early days of the pandemic with an aim to combat cyber-attacks related to potential vaccines’ supply chains, released details on a coordinated effort to disrupt the COVID-19 ‘cold chain’.More
Story image
Is the 'fast follower' mentality holding back anti-money laundering in Australia?
The decade-old rules-based systems cannot keep up with sophisticated cyberattacks and money laundering threats on their own, writes FICO financial crimes leader for APAC Timothy Choon.More
Story image
Financial firms exposing data through mismanaged access controls - Varonis
Almost two-thirds of the analysed firms leave more than 1000 sensitive files open for every employee to access.More