Figure 5: Q19. So far, what have been the top two reasons your organization has implemented cybersecurity measures to protect your ICS/OT systems?
Q20. What do you think are the top two reasons your organization is implementing cybersecurity measures to protect your ICS/OT systems over the next three years? (NB: several choices possible)
We will examine the reasons and the context of these results.
One of the reasons why there is a high awareness of efforts to prevent recurrence is that the manufacturing industry should have a high percentage of improvement processes established to constantly increase productivity, and safety can also be put on this system. There is a point that This result is highest in the United States, Germany and Japan, exceeding 31% in all countries, and there is no variation as in other industries. You can see this is a common problem across the industry.
5G initiatives changed the most in Japan, up 7.2 points. I think the two points that led to the big change in Japan are the increased benefits of the introduction of 5G and the requirement of security measures as a condition for licensing local 5G base stations.
The 5G local use system by the Ministry of Interior and Communications has extended the frequency band used from December 2020 to 4.6-4.9 GHz, which has a long transmission distance, and the government introduced a preferential tax system for the introduction of 5G. The benefits are even greater.
The Ministry of Home Affairs and Communications stipulates that cybersecurity measures, including supply chain risks, must be taken as a condition to certify development plans for specific base stations for the introduction of 5G . And local 5G is supposed to have the same conditions at the time of licensing.
Interest in 5G in Germany remains high at 31.4%. In Germany, the Decentralized Autonomous Mechanism for Business-to-Business Collaboration (GAIA-X), planned and implemented since around 2016, will start full-scale activities in 2021, the mobile communication strategy of the German government and the EU as a together.
We are actively working on 5G as part of the investment in the Digital Europe program that we are promoting. At the same time, it is believed that there is a strong awareness of ensuring safety. Cloud usage scores equally high. It is necessary to analyze the risks and threats at the time of introduction so that the introduction of these new technologies does not create new security risks.
2 Trend Micro Proposal
Summary of our research and analysis:
- In the manufacturing industry, the period of suspension due to security incidents is relatively short, and therefore the amount of damage in terms of money is relatively small. This is believed to be due to the fact that there are many assembly manufacturing systems and it is relatively easy to stop and start the system.
- Although we are constantly working to improve security, we believe that there are still issues to be resolved to ensure security when using the cloud or using removable media.
- Barriers to the introduction of new technologies such as the cloud and 5G are more aggressive than in other sectors, but we must be aware that the number of companies and products involved will increase accordingly, and the requirements of Security management such as analysis of new attack surfaces will increase.
- There is a need to visualize the security risks of complex systems with a mix of various tools, services and vendors, and implement measures to ensure safe operation
Based on this finding, Trend Micro proposes to organize and address cybersecurity challenges for manufacturing CISOs as follows:
- Take advantage of the manufacturing industry improvement process to improve safety and strengthen operations and implement specialized OT preventative measures to prevent a recurrence.
- Create a system and mechanism that can perform accurate cause analysis and response when an incident occurs in IT and OT.
- When introducing new technologies such as 5G, perform threat and risk analysis globally rather than locally. It also visualizes situations that change dynamically during operation, shortening detection and response time to minimize damage.
For more information on threats to ICS endpoints, including manufacturing, click here.