A holistic security approach is required to protect IoT interfaces in manufacturing and production from attacks. This requires not only machine manufacturers, but also companies and their investments in the right technology. From consulting on security concepts to the implementation and use of solutions, external service providers offer their expertise. Damian Kostka, Senior Security Solutions Architect at NTT Ltd. in Germany, explains the measures that should be implemented.

Are German companies adequately prepared for potential cyber attacks and are their protective measures sufficient?

Kostka: German companies are generally relatively attractive targets for cyber attacks. However, they are relatively poorly protected - as our experience from a large number of security projects shows. Most companies have a relatively low level of IT security maturity, partly because they often fail to invest in the right measures. The demand for our Digital Forensics and Incident Response Team (DFIR) is very high and reflects this fact. The DFIR team is always deployed when a security incident has occurred and ensures that it is effectively resolved and the cause identified.

Regardless of the budget, which three security measures should companies implement to protect themselves from cyber attacks?

Kostka: Using a top-down approach, companies should first determine the overall current state of their IT security maturity and then implement technical and organizational IT security measures as required. The following measures are usually useful in the manufacturing and process industry: patch management, network segmentation as well as IIoT and OT security.

Keyword security as a service: should the manufacturing and process industry consider managed security services?

Kostka: The latest NTT Global Threat Intelligence Report 2020 clearly shows that the manufacturing industry is the second most frequent target in Germany, accounting for 21% of cyberattacks. For this reason, this industry should already consider the topic of IT security in its corporate objectives. Ultimately, it is a make-or-buy decision as to whether to call in the support of an external service provider in the form of managed security services. Most companies use managed security services at the latest when setting up a Security Operation Center (SOC). The operation of a SOC and the long-term employment of well-trained security experts is very cost-intensive - especially the continuous training and development of employees. A managed security service provider has a clear advantage here and cooperation with such a provider is highly recommended.