by Mario Colombo
ANIE Automazione Managing Board
If we had to identify a single word that characterizes the digital transformation path undertaken by many manufacturing companies, maybe the most appropriate would be “interconnection”: digitized assets able to communicate with each other and, above all, with management systems which allow companies to deepen the knowledge of their production processes and develop actions to increase their efficiency and quality, just to give one example of the numerous advantages offered by the Industry 4.0 paradigm. But the opening of a world so far stubbornly closed also brings with it the fateful downside: the magic embrace between the OT and IT is likely to become a fatal grip, especially for small and medium-sized companies, too often unprepared to manage the cyber risk. The former British minister was probably not far from the truth, saying that the world is divided between those who have suffered a cyberattack and those who do not yet know it. Just think that, according to various sources, cyber criminals can spend months, if not years, within the IT systems of companies before anyone realizes it. The episodes that, with increasing frequency, show entire factories blocked due to actions by increasingly equipped cyber criminals, clearly show the extent of this risk, able to cancel all the benefits of digitalization.
Pressing the “back” button and going back to the time when the factories were rigidly isolated is not the solution. However, it is essential that companies commit to being both connected and protected. What to do then? In simply words, we must equip ourselves to make the task of cyber criminals less easy. This through a path that is primarily cultural and human resource training, if it is true that the imprudent employees, at all levels, are the first vehicle of “infection”. The second step is organizational: it is necessary to have a governance, structured policies that put security among the priorities in the company management. And then, last but not in order of importance, today we are no longer disarmed against the brigands of the web: we have a great ally called technology. From the use of secure connections to the use of secure authentication systems for operators that access machines, just to give a couple of examples, there are numerous specific technological solutions for industrial contexts. Safety is not an optional, let’s learn to defend ourselves.