Protecting against digital disruption in manufacturing
It’s not possible to completely safeguard operations from cyberthreats. Simply put, in today’s interconnected manufacturing landscape, absolute security just isn’t feasible. Even if a company were to disconnect entirely from the internet, the risk of a technological breach remains if physical access is available to malicious actors or their associates.
The advent of cloud-based enterprise resource planning (ERP), digital transformation and Industry 4.0 solutions has revolutionized manufacturing. These innovations create efficiencies, enhance customer engagement and provide business intelligence that significantly improves operations and profitability — benefits analog systems simply can’t match. However, this increased digitization also amplifies the risk to manufacturers’ data and operations.
Research consistently shows that no company, regardless of size, is immune to cyberattacks. Leadership often assumes their data isn’t valuable to outsiders, but cybercriminals disagree. They see value in all data and aim to exploit it, potentially holding companies ransom for their own information. This data isn’t limited to financial records; it can include confidential customer information, product specifications, engineering drawings, process data, quality control results and more.
A recent survey of over 200 manufacturers conducted by Wipfli revealed a startling statistic: Nearly half of the respondents experienced three or more network breaches in the past year alone. This frequency of attacks can be overwhelming for leadership teams and IT departments alike.
Building manufacturing resilience
The scope of cyber risk extends beyond data. Physical assets are also vulnerable to attack. Cybercriminals can potentially seize control of equipment operations, leading to significant unplanned downtime and posing real safety risks to employees.
Consider a manufacturer that stores and retrieves production data for each job within an ERP system. What happens if these digital services are disrupted or the underlying operational data is held for ransom? Even more concerning, what if technical specifications are altered, leading to the production of non-compliant parts? Similarly, vision systems and quality control processes could be compromised, becoming targets for potential attacks.
While some of these scenarios may seem far-fetched, cyberattacks are growing increasingly sophisticated and destructive. The potential for exposure in these areas presents very real risks to manufacturing organizations. As the industry continues to embrace digital transformation, it’s crucial to balance the benefits of connectivity with robust cybersecurity measures to help ensure operational resilience and data integrity.
Manufacturers can fortify their operations by developing and implementing resilience strategies against cyberattacks. In this context, resilience doesn’t mean “impenetrable.” Instead, it signifies a company’s ability to withstand an attack, respond swiftly and comprehensively when it occurs, and efficiently recover any compromised data or business operations. This process begins by identifying vulnerabilities in the digital perimeter and then constructing a multilayered strategy to protect and respond to cyberthreats.
Overlooked issues in manufacturing operations
For manufacturers, multiple physical and digital entry points into operations or data (including financial, operational, technical or administrative information) can exist. These pathways can seem insignificant or appear to be sufficiently hidden, but without proper care, they can present a way in for potential threats.
Outdated and unsupported hardware and software on the production floor are two frequently overlooked sources of vulnerability. While this equipment may not be used like traditional computers, it’s still connected to the network, and, if not maintained properly, it could pose a security risk to the entire organization.
Frequently, IT departments aren’t involved in all technology-related decisions. With the rise of software-as-a-service models and cloud computing, it’s easier for employees to purchase new software, download applications or share files using the cloud without oversight from skilled IT or cybersecurity professionals. Systems and software not vetted against company policies or maintained properly could introduce additional, less obvious risks. Moreover, they increase the number of vectors a malicious actor might use to gain access, often without the company’s knowledge, making data and operations protection more challenging.
The absence of real-time cyber monitoring is another common gap in manufacturing operations. Without it, a company lacks visibility into attempts to infiltrate its network. Preventing and safeguarding against attacks becomes more difficult if a company is unaware they’re happening.
For example, real-time monitoring can protect against violations of impossible travel rules. Imagine a scenario where a legitimate user, like the corporate controller of a manufacturing firm near Chicago, logs into the network from their home office. Then, just three hours later, the same account logs in from Tokyo. This impossible travel scenario clearly indicates that the controller’s credentials have been compromised. However, without proper real-time monitoring, this breach could go undetected for an extended period.
The foundations of a multi-faceted security strategy
A multilayer security strategy is the most effective approach to resist an attack. At its most basic level, the strategy should include:
- Password protocols: Implement and enforce the use of strong, unique passwords across all systems.
- Email protections: Deploy technologies that limit spam and spear-phishing attempts to reduce the risk of social engineering attacks.
- Multi-factor authentication (MFA): MFA adds an extra layer of security by requiring users to verify their identity through multiple steps when accessing company systems or applications. It’s crucial to implement MFA across all access points, including email, VPN, cloud-based apps and internal administrative accounts.
- End-point detection and response (EDR): EDR provides real-time visibility into potential threats, enhancing a company’s ability to detect suspicious activities. While often confused with antivirus software, EDR focuses on identifying malicious activity in a computer’s memory, whereas antivirus software scans for harmful programs on the computer or network. Manufacturers should employ both for comprehensive protection.
- Regular vulnerability scans and penetration testing: To identify and address weaknesses before they can be exploited, manufacturers should conduct monthly or quarterly penetration testing of external systems and vulnerability scans of internal systems. This proactive approach is essential for maintaining a robust security posture.
- Vulnerability management: Cybercriminals constantly probe for security gaps. To make their job more difficult, companies should regularly deploy security patches, update software, remove unnecessary programs and disable unused system processes.
- Air-gapped backups and segmented networks: To protect against ransomware and other cyberattacks, backup files should be stored on a standalone network with separate credentials. This separation mitigates the risk of compromising both primary and backup data simultaneously.
- Recovery testing: Manufacturers need to regularly test their backup and recovery processes. This ensures that in the event of a network failure or cyberattack, they can efficiently restore operations and access critical files.
By adopting these foundational measures and continuously evolving their cybersecurity strategies, manufacturers can significantly enhance their resilience against the ever-growing threat of cyberattacks. Remember, in today’s digital landscape, cybersecurity isn’t just an IT issue — it’s a critical business imperative that demands ongoing attention and investment.
The crucial role of employee engagement in cybersecurity
Employee understanding of cybersecurity is paramount. Many hackers target people rather than systems, finding it easier to trick individuals into sharing credentials than breaking into networks directly. Therefore, employee engagement in cybersecurity is as vital as perimeter defense.
Manufacturers must establish controls governing data usage, management and storage. Access to sensitive information should be restricted to those who absolutely need it for their job functions.
Cybersecurity training should be ongoing and comprehensive, covering topics such as:
- Recognizing phishing attempts and social engineering tactics.
- Safe browsing practices and password management.
- Proper handling of sensitive data.
- Reporting suspicious activities or potential security breaches.
By fostering a culture of cybersecurity awareness, manufacturers can significantly reduce their vulnerability to human-centric attacks.
Comprehensive cybersecurity training
To truly fortify operations against cyberthreats, manufacturers should adopt a holistic approach that combines technological solutions with human-centered strategies. This includes:
- Regular security audits and risk assessments.
- Developing and maintaining an incident response plan.
- Collaborating with industry peers to share best practices and threat intelligence.
- Investing in ongoing cybersecurity education for all employees, from the shop floor to the C-suite.
Comprehensive employee training is a cornerstone of effective cybersecurity for manufacturers. Cybercriminals employ various social engineering tactics, including phishing emails, SMS text messages (smishing) and phone calls or voicemails (vishing) to steal information. Cultivating a culture of healthy skepticism among employees is crucial. When staff understand their roles and responsibilities in cybersecurity, the entire operation becomes more resilient against digital threats.
Regular cybersecurity assessments
Manufacturers should conduct frequent cybersecurity evaluations, either through internal IT teams well-versed in current trends or by engaging external specialists. These assessments provide valuable insights into potential vulnerabilities that malicious actors could exploit. Armed with this information, companies can develop or refine protective measures and policies to bolster their defenses against cyber fraud.
By implementing these strategies and maintaining vigilance, manufacturers can build resilience against cyberattacks, safeguarding their operations, data and reputation in an increasingly digital world.
How Wipfli can help
If your manufacturing firm is ready to step up its cybersecurity game, Wipfli can help. Our team of dedicated professionals possesses deep industry knowledge and the tools you need to keep your data secure. From security assessments to managed cybersecurity services, we have a wealth of options to take your technology to the next level. Contact us today to get started.