Cyber threat is holding manufacturing companies back from investing in digital technologies.
How can your manufacturing firm understand its exposure to security risk, and start to take practical steps to address weaknesses?
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Cybersecurity for manufacturing - Five practical steps, by Six Degrees
1. Cybersecurity for
Manufacturing:
Five practical steps
Cyber threat is holding companies back from
investing in digital technologies.
How can your manufacturing firm understand its
exposure to security risk, and start to take
practical steps to address weaknesses?
6dg.co.uk/manufacturing
2. 48%around half of which resulted in financial loss or
operational difficulties.
So what makes manufacturing the third most
targeted sector in the UK for cyber-attacks?
Cybercrime is one of the most significant threats facing businesses today.
of manufacturing firms
have suffered a
cybersecurity incident*
*Source: https://www.eef.org.uk/resources-and-knowledge/research-and-intelligence/industry-reports/cyber-security-for-manufacturers
3. The truth is that there are a number of factors…
Phishing, DDoS and ransomware attacks are common across all industries.
But manufacturers face the additional risk of cyber-attacks targeting operational technology.
Interconnectivity and AI brought about through Industry 4.0 introduces risk and
increases complexity.
This, combined with lower regulation when compared to sectors like government and
finance, makes manufacturing an attractive target for cybercriminals.
It’s also worth considering the motives behind cyber-attacks on manufacturing firms.
Whilst many cyber-attacks are launched to cause disruption or for financial gain,
attacks on manufacturers often focus on obtaining intellectual property or
internal operational information.
So, the stage is set: manufacturers are under attack.
Without taking practical cybersecurity steps, today’s manufacturing firms risk not only financial,
operational and reputational damage, but also the loss of intellectual property and – ultimately –
competitive advantage.
4. STEP ONE
Understand your
security maturity
Manufacturing firms often struggle to understand their risk
exposure. By benchmarking your security maturity you can
make prioritised, actionable cybersecurity decisions that will
protect you from cyber-attacks.
Cybersecurity for Manufacturing: Five Practical Steps
5. STEP TWO
Engage with security risks
at board level
Cybersecurity is complex and technical, but without proper
board-level engagement you won’t gain the appropriate
operational and financial focus. Make cybersecurity tangible
and understandable in order to give yourself the best possible
chance of progressing your security strategy.
Cybersecurity for Manufacturing: Five Practical Steps
6. STEP THREE
Review the relationship
between operational technology
and information systems
Information systems can offer a back door to operational
technology, which may be older and outside of support. In a
famous – and terrifying – example of the physical damage a
cyber-attack can cause, hackers accessed a German steel
mill’s operational technology through its business network,
preventing the mill from shutting down a blast furnace and
resulting in “massive” damage.
Cybersecurity for Manufacturing: Five Practical Steps
7. STEP FOUR
Step up your
patch management
Many manufacturers invest in firewall and antivirus, but
neglect regular security patching. Unpatched systems are a
key attack vector for cybercriminals. Implement a robust
patch management program, with scope for both scheduled
and emergency patching, and make sure to stick to it.
Cybersecurity for Manufacturing: Five Practical Steps
8. STEP FIVE
Implement secure
connectivity
Manufacturers operating in multiple locations should utilise
appropriate connectivity and next generation firewalls to
ensure there are no weaknesses in the network that can be
exploited by cybercriminals.
Cybersecurity for Manufacturing: Five Practical Steps
9. So, first of all the bad news…
Your manufacturing firm is a target for cybercriminals, and due to the nature of your
business you face a unique set of risks.
But the good news is that…
If you take the right steps to improve your security posture, you can significantly reduce
the chances of becoming a victim of cybercrime.
At Six Degrees, we work with manufacturing firms to understand, engage with and
mitigate the cybersecurity risks they face.
Unfortunately there is no silver bullet to protecting yourself from cyber-attack, and every
business has different risk appetites and threat vectors, but these five practical steps are
a great place to begin your cybersecurity journey.
10. Six Degrees can support you throughout your cybersecurity
journey, from benchmarking your security maturity and representing
you at board level, through to implementing and managing secure
IT systems and processes.
Find out more at 6dg.co.uk/manufacturing
or call us on 0800 012 8060
Download our Minimising IT Risk
in Manufacturing report
to benchmark the level of risk in
your business and discover how
other mid-sized manufacturing firms
are mitigating IT-related risks.