In the rush to join in the government's efforts and push for the manufacturing sector in Malaysia to 'migrate' their production into Industry 4.0 standard, many of these manufacturers and the associations that represents them seems to have forgotten or may have missed out the biggest risk this exercise could do to them without them realising it - the migration will lead to all of these manufacturers more interconnected.
With increased interconnection, it means increased risk of cyber incidents.
Cyber incidents are not limited to cyber attacks. A cyber attack on a manufacturing facility would be damaging, but it’s not the most prominent threat to a network’s operational continuity. In fact, small to major network or process disruptions due to misconfigurations, erroneous commands, software errors or device failures, can occur almost daily.
The evolution of Industry 4.0 / Internet of Things (IoT) will present security challenges to any organization that is or are migrating to Industry 4.0. And the challenges are not limited to the boundaries of a single company, but rather are spread across an ecosystem, leading to interdependencies between suppliers, customers, competitors, and the company itself.
Majority of these in the manufacturing sector whom our government is encouraging to 'migrate' to Industry 4.0 are classified as SME. Majority of these SMEs, if not all, are hereby hampered by the so-called "legacy barrier" that their successful path in the past—which was often achieved with only basic machinery, flexible solutions, and a low degree of automation—can no longer be the approach going forward in the concept of Industry 4.0. Such approaches might have secured niches for these SMEs for years, but they do not provide the necessary data transparency that is required across the supply chain in Industry 4.0.
A successful 'migration' for a company means the network is larger and more interfaces are created and thus the potential attack surface for cyber attacks also becomes larger.
Therefore, we urge all those companies who are now in the process of preparing and intends to embrace Industry 4.0 fully within this and the following year to make adequate preparations in order to minimize these risks on a technical and organizational level.