Protecting the Future: How Manufacturers Can Build a Strong Cybersecurity Posture

Cybersecurity attacks are increasingly happening across all industries, but manufacturing may be more susceptible than others. From the complexity of the networks and infrastructure they maintain to the large amount of valuable data they possess, manufacturers are prime targets – and the consequences can be severe. To help combat threats, robust cybersecurity measures are a must.

Why Manufacturers Are Especially Vulnerable

The IBM X-Force Threat Intelligence Index 2022 indicates manufacturing became the world’s most attacked industry for the first time in five years. These attacks are exacerbating global supply chain issues that already exist due to the COVID-19 pandemic. The report shows that in 2021, 23.2% of cyberattacks across all industries are attributed to manufacturing. This same statistic was 17.7% in 2020.

Manufacturers are more vulnerable to these attacks for many reasons, not the least of which include:

• Use of outdated technology: Many manufacturers are still using legacy systems that are no longer supported by the vendor, making them more vulnerable to cyberattacks.
• Complex supply chains: Manufacturing companies often rely on complex supply chains that involve multiple vendors and partners, which increases the risk of a cyberattack.
• Lack of cybersecurity expertise: Many manufacturing companies do not have dedicated cybersecurity teams or lack the resources to implement robust cybersecurity measures, making them an easy target for cyber criminals.
• High-value targets: Manufacturing companies often have valuable intellectual property, including trade secrets and proprietary information, making them an attractive target for cybercriminals.
• Increasing use of IoT devices: The use of Internet of Things (IoT) devices in manufacturing has increased, making it easier for cybercriminals to gain access to critical systems.

What’s the Impact?

The effects of cyber incidents vary widely, but in certain situations they can be devastating. For example, in March 2022, tire manufacturer Bridgestone Americas reported that they experienced a ransomware attack. In order to prevent the attack from spreading across their IT environment, Bridgestone disconnected its network at numerous facilities in Latin and North America. This resulted in a production halt at approximately 50 locations, causing 55,000 employees to be sent home and the loss of millions of dollars. The costs associated with attacks like this could be crippling to even the largest organizations. Smaller manufacturers might not be able to survive closing shop for any period of time.

What’s Next?

Start With the Most Likely Source: Employees

Many times, the door for cyberattacks is opened by unprepared employees. For example, an employee falls victim to a phishing attack, compromising data. Or an employee loses their laptop, putting the device’s data at risk. While organizations cannot control what their employees do, they can prepare those employees for what an attack may look like and what the consequences would be. Employee training and awareness is critical. Annual cybersecurity training modules can be inexpensive and are readily available.

Equally as beneficial, because the general public is more informed than ever about data security, it benefits manufacturing companies to be able to show customers and vendor partners that they are taking data protection seriously by not only using threat-suppressing tools but by training their employees as well.

Back It Up and Test Your Plan

Beyond employee training, manufacturers should implement data storage practices. Ransomware attackers target backups of information. If an organization’s backups are online and connected to the network, then it is at risk of being compromised. It’s important to have offline backups that are not accessible from the network, such as a cloud backup solution, DVDs, disk drives, or external hard drives.

While it is imperative for organizations to back up their data, those backups are not valuable if they cannot be used properly to recover from an incident. As such, in addition to maintaining offline backups, organizations should have an incident response plan, which is an internal document that shows how the organization defines an incident and what steps need to be taken in the event of an incident. Developing an incident response plan – and testing it – requires internal time and resources, but it is an inexpensive and critical step in strengthening an organization’s security posture.

Vet All Vendors

Manufacturers work closely with third-party vendors, and, in many cases, those vendors have direct access to an organization’s network. The more network access points there are, the higher the inherent risk. Imagine if an attacker was able to access the accounts receivable database for a vendor. Hypothetically, the attacker could use that information to spoof an email from the vendor requesting a change of payment method for the manufacturer. The communication may look like it came from the vendor, and the organization would be unaware of the change until it’s too late. Due to risks like this, organizations have a responsibility to their customers to ensure that vendors are vetted properly and managing their own risks. Third-party due diligence can be as simple as questionnaires sent to the vendor or through assurance reports like System and Organization Controls (SOC) reports. These reports act as a seal of approval, confirming the organization’s internal controls are well designed and operating effectively.

Ensure Data Access Is Restricted

Employee turnover occurs relatively often in the manufacturing industry, and, therefore, access requirements are constantly changing. Reviewing who has access to sensitive data and systems is impactful and involves minimal time investment. Included in access reviews are segregation of duties. This disperses critical functions of key processes between more than one person or department in order to reduce the risk of fraud or error.

Implement Password Requirements

The use of weak passwords for network or application authentication could lead to unauthorized access or malicious attacks. Requiring passwords to be a certain length and complexity is an easy way to mitigate risk. Cybersecurity insurance providers (among other technical security controls) are now commonly requiring the implementation of multi-factor authentication (MFA) on all email, remote access (including remote desktop protocol connections), privileged and administrative accounts, and backup solutions.

The Bottom Line

Customers and supply chain partners are more cautious than ever when it comes to how their data is stored and shared. Thus, manufacturers must strengthen their cybersecurity posture in order to ensure the protection of the company’s information and continuity.

To discuss ways to improve the current IT controls and cybersecurity risk posture at your manufacturing company, contact your KSM advisor or complete this form.