The core issue lies in the tension between operational uptime and digital security. Many manufacturers provide machine builders and service providers with broad, persistent access to sensitive OT environments, creating vulnerabilities that are often exploited after an initial breach. According to Knud Kegel, CTPO at Secomea, the industry must transition from enabling connectivity to actively governing it.
Secomea Warns Manufacturers Over Risky Remote Access Protocols
Ransomware groups are increasingly weaponizing permanent remote access channels to cripple manufacturing operations, prompting a call for stricter governance. Copenhagen-based Secomea suggests that while third-party connectivity remains vital for industrial maintenance, the industry's reliance on always-on access points provides an easy path for attackers to move laterally through production networks.
Secomea advocates for a shift toward just-in-time access, where permissions are granted only for specific tasks and revoked immediately upon completion. This approach, paired with rigorous audit trails and automated isolation protocols, allows security teams to maintain visibility without sacrificing the support required for complex machinery. Rather than cutting off remote capabilities, the goal is to implement least-privilege models that prevent unauthorized lateral movement during a security incident. As regulatory pressure and insurance requirements tighten, establishing these visibility and containment controls has become a foundational element of modern industrial resilience.
Comments (0)
No comments yet. Be the first!