Issue link: https://iconnect007.uberflip.com/i/1265351
JULY 2020 I SMT007 MAGAZINE 77 to our system; however, it helped open the door to much better cooperation and collabo- ration within our culture. Other things, like the connecting technologies and the exchange of data, are easier. It's the culture that's harder, and I believe that the current crisis we've gone through is going to help reshape that culture. Matties: It has given many a new perspective. Earlier, you mentioned cybersecurity. With the vision of connected factories, as it becomes more of a reality, what concerns do you have or advice would you give regarding cybersecu- rity issues? Peters: I have a lot of concerns around it, espe- cially in the operations technology environ- ment—the shop floor. That's where I've spent a decent amount of time. I testified before the Senate Armed Services Subcommittee on Cyber- security about this very topic last year. I spend a lot of my time with small- to medium-sized manufacturers around the country, and cyber- security is hard enough when it comes to the IT side of things. When you think about our shop floors, we have machines and equipment that are still running Windows NT or DOS. We have to be able to get to machines quickly and shut down a line to prevent too much loss of prod- uct or, in some cases, prevent injury or death. To help address this issue, and because there are no proactive solutions to the shop floor yet, companies are going to great lengths to isolate their shop floor. I know of one company that has completely isolated the shop floor; they walk design files and code files back and forth between the office systems and the shop sys- tems on memory sticks rather than have them connected. That's defeating the purpose of Industry 4.0 and related advances. The cybersecurity maturity model certifica- tion (CMMC) is putting in place a number of specific requirements. Some of those require- ments are hard to enforce on a shop floor, such as multi-factor authentication; that's going to be difficult in a lot of cases. We can't patch some of these systems on the shop floor because if you do and they don't work for some reason, that's going to take that line down, which is there to make money. If it's not running, it's not making money. Often, we go for a long time without patching those systems. I have concerns about cybersecu- rity, and I would like to see the government step in to better address those things. We're going to need assistance—especially for the small- to medium-sized manufacturers—as we look at solutions for that. We need a grand challenge to identify the best solutions to protect the shop floor. We probably need some assistance finan- cially to help them take on the capital expendi- tures that would be needed to upgrade their sys- tems so they can be more secure. Matties: Agreed. We've heard of two fabrica- tors that have been hit with ransomware, and what you're saying makes a lot of sense. One fabricator hit with ransomware was locked out of everything, and the hackers demanded a sig- nificant ransom. This small- to medium-sized shop had no idea that they were vulnerable to that degree. They're going to need assistance, especially if we're trying to secure a supply chain. These people need help. Peters: I've been advocating for a while that the government needs to provide an aware- ness campaign similar to the "loose lips sink ships" approach of World War II where we raised awareness of the threat not just from the theft of IP but also from ransomware and other things that can shut down your business. That's one area that the government needs to step up. I also think that the government needs to provide more assistance and resources for small- to medium-sized manufacturers. These companies can't afford to do it on their own. They're prime targets and a vulnerable link in They're going to need assistance, especially if we're trying to secure a supply chain. These people need help.