Intelligent CISO Issue 84 | Page 46

industry

UNLOCKED
defences. Instead of looking for pre-determined or known indicators of compromise, like malicious links or bad sender domains, solutions that leverage AI models can instead look for anomalies outside the norm. By baselining normal behaviour across the email environment – including typical user-specific communication patterns, styles and relationships – AI could detect anomalous behaviour that may indicate an attack.
Automation plays a key role by auto-remediating any emails deemed malicious, which reduces the burden on security teams and allows them to focus on higher-priority threats while AI handles routine risk assessments and threat mitigation.
CISOs in the manufacturing sector must move beyond traditional defences and adopt proactive, AI-driven solutions. Tools which offer real-time threat detection and automated remediation can enable manufacturers to protect critical systems and maintain operational efficiency without compromise. The future of smart manufacturing will rely on resilient cybersecurity strategies that can adapt to this fast-moving threat landscape.
James Neilson, SVP International at OPSWAT
Cybercriminals target manufacturing for its reliance on uptime, often exploiting outdated industrial control systems (ICS) that still run on antiquated software like Embedded Windows XP, or Windows 10 which reaches end of support this year.
Increased digitisation interconnects IT and OT zones, increasing vulnerability to attacks that disrupt or deny operations. For example, over the past year, more than 50% of organisations experienced at least one security incident involving ICS/OT systems.
That same digitisation is changing the face of manufacturing supply chains, with data flowing between suppliers and partners just as much as product and raw materials. Third-party service and support partners visit manufacturing sites with their own laptops and removable media to update firmware on the ICS tooling they manage.
However, malware hosted on portable devices like USB drives can bypass traditional network-based security measures and move laterally between IT and OT systems.
The majority of air-gapped manufacturing environments lack security controls to detect IT malware, meaning that compromised media could result in huge financial losses, operational downtime and public safety risks.
The other key challenge is security teams often have limited visibility into the devices connecting to their organisation’s systems and the flow of data transfers. This means that security teams have to manually scan files, which is extremely time-consuming.
Manufacturing organisations need a multi-layered strategy to mitigate risks, with scanning policies at the heart of it. This requires all incoming data and devices to be scanned before they reach critical network assets.
All entry points should be covered by the policy, including ‘walked in’ devices and media, and checked and sanitised using Content Disarm and Reconstruction (CDR) techniques. Data should only ever enter critical environments once it has been sanitised and validated.
Scanning policies should also complement access controls like robust access credentials, which limit the use of external devices to authorised personnel. This then prevents removable media that hasn’t been thoroughly scanned and sanitised from accessing data within the organisation.
To effectively implement such a process, especially at scale, manufacturing organisations should use dedicated scanning kiosks integrated with secure file storage and managed file transfer capabilities. Kiosks dramatically reduce the risk of introducing malicious code into secure network environments without causing delays for employees trying to do their job.
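The rule above that data enters a critical environment only once it has been sanitised and validated can be enforced mechanically at the boundary. The sketch below is an added example, not part of the article and not any vendor's product code: it assumes a hypothetical kiosk that signs a manifest of file hashes and verdicts with a shared key (`KIOSK_KEY`), and a hypothetical gate on the critical-network side that admits only files matching that manifest. File names and contents are constructed samples.

```python
import hashlib, hmac, json

KIOSK_KEY = b"constructed-demo-key"  # assumption: secret shared by kiosk and gate

def _mac(entries, key):
    body = json.dumps(entries, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def kiosk_manifest(files, verdicts, key=KIOSK_KEY):
    """Kiosk side: hash each file as it leaves scanning/CDR and sign the record."""
    entries = {name: {"sha256": hashlib.sha256(data).hexdigest(),
                      "verdict": verdicts[name]}
               for name, data in files.items()}
    return {"entries": entries, "mac": _mac(entries, key)}

def gate_admit(files, manifest, key=KIOSK_KEY):
    """Critical-network side: admit a file only if the kiosk vouched for these exact bytes."""
    if not hmac.compare_digest(_mac(manifest["entries"], key), manifest["mac"]):
        return {name: "reject: manifest not authentic" for name in files}
    decisions = {}
    for name, data in files.items():
        entry = manifest["entries"].get(name)
        if entry is None:
            decisions[name] = "reject: never scanned"
        elif entry["verdict"] != "sanitised":
            decisions[name] = "reject: verdict " + entry["verdict"]
        elif entry["sha256"] != hashlib.sha256(data).hexdigest():
            decisions[name] = "reject: changed after scan"
        else:
            decisions[name] = "admit"
    return decisions

def demo():
    # Constructed sample media contents (not real firmware or documents).
    scanned = {"plc_fw_v2.bin": b"firmware-image", "notes.pdf": b"pdf-bytes",
               "tool.exe": b"installer-bytes"}
    verdicts = {"plc_fw_v2.bin": "sanitised", "notes.pdf": "sanitised",
                "tool.exe": "blocked"}
    manifest = kiosk_manifest(scanned, verdicts)
    # What actually arrives at the gate: one file altered, one added after the scan.
    presented = dict(scanned, **{"notes.pdf": b"pdf-bytes+macro", "extra.dll": b"x"})
    return gate_admit(presented, manifest), manifest

if __name__ == "__main__":
    for name, decision in demo()[0].items():
        print(f"{name}: {decision}")
```

The gate defaults to rejection: a file is admitted only when the manifest is authentic, the verdict is `sanitised`, and the bytes presented are the bytes that were scanned.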