How manufacturers can protect against cyberattacks
New technological frontiers like the Internet of Things (IoT), 3D printing, robotics and big data have brought many efficiency and innovation gains for manufacturers – yet they have also introduced new risks and created new attack surfaces for would-be attackers to take advantage of. In the past year, half of UK manufacturers were victims of cybercrime.
A well-timed cyber-attack can have devastating impact – potentially halting production, compromising sensitive company Intellectual Property (IP) and customer data, and even causing physical damage to equipment or putting human lives at risk. On average, unplanned downtime costs manufacturers around £125 a second – not to mention reputational damage and possible legal ramifications. Given manufacturers’ pivotal roles in global supply chains, such events can have a domino effect that spreads across the world.
At a time when the industry is facing challenges from all sides – from the Russia-Ukraine war to the threat of a global recession and extreme weather – manufacturers need to position themselves in the best way possible if the worst does happen. But where to start?
Struggling to adapt to protect against cyberattacks
While desk-based industries have been faced with the threat of cyberattack for decades, the manufacturing sector has had less time to adapt. Operational Technologies (OT) have traditionally been separated from the network, with manual controls set by workers that are physically present. Now, manufacturing is very different. Everything is connected – from thermostat to conveyor belt. Yet this has been a relatively new development. This has put manufacturers at a disadvantage, as they are less likely to have the internal experts and skills needed to tackle these incredibly complex and novel challenges.
Added to this, many are tackling the problem with small teams and limited resources. This was a challenge facing one of our customers, wheel manufacturer, Moveero, whose Global IT Director Faisal Jaffri commented that: “We didn’t have any threat detection capabilities, and we certainly didn’t have any playbooks or a model for how to respond to an attack if one occurred. What kept me up at night was how I’d know if we’ve been breached, and what we’d do in the event of a breach. It would give me sleepless nights.”
Jaffri certainly isn’t alone here. Research from 2022 shows less than two thirds (62%) of manufacturers have a formal cybersecurity plan in place. While this is an increase from just 33% in 2018, the industry still has a long way to go.
Four steps to cyber success
With the level of threat increasing, manufacturers cannot afford not to have a cybersecurity strategy in place. The interconnectedness of modern manufacturing lends itself to all manner of attack – from crippling ransomware, to phishing attacks, right through to exploits of software vulnerabilities and attacks against industrial control systems.
Strategic and operational preparedness can help set manufacturers apart, making them more resilient to cyber threats and ensuring they retain customer trust – without constraining their ability to innovate and grow.
This should involve four key steps:
Identify your most valuable assets and assess your risk
You must be able to identify your most valuable data assets in order to protect them. For manufacturers, it is usually intellectual property related to formulas, designs, patents, mining rights and resource locations. Assess what data you are storing, label sensitive information, establish where data resides, define who can access it, and examine the movement of data and messages between networks. By understanding where your ‘crown jewels’ are, you can better prioritise, as explained by Moveero’s Jaffri: “Taking a more risk-based, contextualised approach has specifically allowed us to use our resources more effectively.”
Think like a hacker
The best way to outsmart your adversaries is to think from their perspective. Penetration testing around both your human and IoT weaknesses is a crucial and ongoing component of an effective security programme. You should engage qualified security experts who will emulate hackers using real techniques and evasion methods to validate your security effectiveness across networks, endpoints, IoT and mobile technology. Having a platform to enable targeted threat hunting can also produce actionable insights. The Moveero team now receives a monthly proactive threat hunt – an activity that would previously have been outside their scope and capabilities.
Combat threats with unified visibility
If organisations had the foreknowledge of what to look for, many threats would be prevented. Now, more than ever, manufacturers need unified visibility across their environment. As more manufacturers move to the cloud, the critical integration layer is often overlooked, as well as the large amounts of data coming from IoT devices. Sensors, switches and various devices from the factory floor and along the supply chain, combined with multiple cloud apps and multiple data sources, create huge levels of complexity. Tackling this requires the team to take a holistic view across all systems, devices and networks to gain unified visibility.
Keep security top of mind with your employees and partners
One of the most powerful defences against cyber-attacks is an informed and vigilant workforce. A successful security program relies on employees, partners and suppliers having strong awareness of security policy and an understanding of their role in supporting security and privacy. Instead of relegating security to the boardroom and IT, make communication about risk and prevention strategies a priority with your employees and partners. Having tangible data is key, as Jaffri explains: “Investigations direct us to the important stuff, so we are able to have a proper, more in-depth discussion with our leadership about what we as an organisation should be doing.”
While creating a cybersecurity strategy can seem like a daunting challenge, not having one is a big risk in today’s threat landscape. Given the industry’s acute vulnerability to cyberattacks, a renewed focus on cybersecurity is paramount. Yet you don’t have to do it all alone, or all at once. Knowing your business and what you need to protect above all else will give you a useful starting place. From there, with the right partners, you can start to build a roadmap that will strengthen your resilience – helping to do away with sleepless nights.
By Kyle Falkenhagen, Chief Product Officer Secureworks.
