In brief

In brief

  • Industry X.0 is the next wave of digital reinvention of industry, transforming core operations, worker and customer experiences, and business models
  • But new vulnerabilities from greater connectivity increase the potential cyberattack surface—and the stakes are high
  • Industrial organisations in Europe need to make security more agile to improve efficiency and performance
  • Our recommendations help industrial organisations in Europe achieve cyber resilience, internally and externally, in partnership with other stakeholders

Industry X.0, with its highly connected intelligent products and ecosystems, represents the next wave of transformation in industrial manufacturing and production operations. But greater connectivity also exposes organisations to new vulnerabilities—and the impact of cyberattacks can be immense. With attacks more than doubling in the last year and the cost of cybersecurity increasing by 23 percent, organisations in Europe need to find innovative and agile ways to use new technologies and strategies, without exposing the enterprise to further risk.

We live in a connected world

Security in the Industry X.0 environment is not simply a technology problem.

Challenges are:

  • Physical: Industrial Internet of Things (IIoT) devices are often deployed in remote locations.
  • Human: Cybersecurity is only as strong as its weakest link—often, human beings.
  • Organisational: Integrated protection of processes and infrastructure is lacking.
  • Technology: Legacy systems, relied on for many years, may now provide entry points to disrupt systems.

Core operations are affected

In an Industry X.0 world, “closed” industrial systems that were not designed to be connected to the Internet can potentially be accessed remotely from any place in the world at any time—and previously “isolated” systems that were never intended to communicate are now hyper-connected to other systems and processes.

Areas of concern are:

  • Growing attack surface: Conventional defences have proven to be vulnerable. But the complexity of process automation means that shutting a system down safely can take months of planning to minimize disruption to production and profitability.
  • Unprotected capital projects: Limited security in new capital projects is made worse by mature industrial companies’ legacy systems, introduced when cybersecurity or connectivity was not a consideration. Once defences are compromised, operational assets can be highly vulnerable to attacks.
  • Supply chain security management: Cyber adversaries have continued to focus attack patterns to exploiting third- and fourth-party supply chain partner environments to gain entry to target systems, even in sectors with mature cybersecurity standards, frameworks and regulations.

How to achieve cyber resilience

As the world changes, so must organisations adapt to meet new demands and cyber risks. Cyber threats are continuously evolving—and attackers are becoming more creative. They are willing to exploit a wide range of different techniques to launch multi-stage attacks, probing for any weaknesses that can be exploited. To combat these threats, organisations must change the way that they think about security.

Our recommendations to help industrial organisations in Europe achieve cyber resilience internally and externally, in partnership with other stakeholders, involves being ready to protect operations, raising the security profile, internally and externally, and making sure cybersecurity benefits are fully realised.

Floris Van Den Dool

Managing Director

Gisele Widdershoven

Managing Director

Allan Haughton

IoT and Mobility Security Lead


Cyber threatscape report 2018
2018 State of cyber resilience

Subscription Center
Stay in the know with our newsletter Stay in the know with our newsletter