Why is the Manufacturing Sector at Risk?
Traditionally, the finance sector has been the biggest target for cybercriminals with the intention of stealing money or valuable customer data. In some ways, this focus has caused executives in the manufacturing sector to disregard the threat with the assumption that they are an unlikely target.
However, manufacturing is at risk of cyberattack due to:
- a lack of investment in cybersecurity, particularly when compared with the finance sector where security is prioritized.
- primary targets such as banks and tech companies’ increased investment in security mean manufacturing and other sectors are now considered easier targets and “low-hanging fruit.”
- manufacturing companies becoming collateral damage when they are unintentionally caught up in ransomware attacks such as Wannacry and NotPetya.
- increasing use of IoT devices that often have poor security (such as default passwords) and can provide a foot in the door for cybercriminals.
- manufacturing companies warehousing data that is of interest to cybercriminals.
- lack of cybersecurity safety awareness and adequate staff training.
- vulnerabilities throughout the supply chain wherever suppliers have remote access to systems.
How Manufacturers Can Improve Cybersecurity
While the manufacturing sector is unlikely to match cybersecurity spending seen at banks and tech companies, here are some steps that should be taken to attain a working level of security:
- Have a data plan that identifies critical areas vulnerable to cyberattacks and puts appropriate security measures in place.
- Map your attack surface across all manufacturing plants and down the supply chain.
- Ensure all operational technology, products, and services integrated into manufacturing processes have an acceptable level of security.
- Investigate the security compliance of acquired companies before incorporating their systems into your network.
- Prioritize the updating and patching of outdated operating systems, even if this means expensive downtime for your manufacturing operation.
- Utilize a managed security service to monitor and defend your networks.
How to Ensure Your Staff is Cybersecure
Tech Republic’s Michael Kassner writes that companies, including manufacturers, “prefer not to consider the threat from employees – current and former.” Crimes committed within a company can be difficult to prosecute, but can be defended against through the implementation of segmented networks that “section off the most valuable data, making it accessible to only a few trusted individuals.”
Manufacturers should perform regular insider threat detection and prevention audits, and educate employees about the risk of using personal devices and best-practice cybersecurity.
Similarly, manufacturers should have a clear security policy that is communicated to vendors and suppliers up and down the supply chain to ensure cybersecurity is enforced wherever an organization has access to the manufacturer’s systems.
Image Credit: Gorodenkoff / Shutterstock
No comments:
Post a Comment