To combat cyberattacks, which pose a growing threat during the COVID-19 pandemic, manufacturers should take a page out of their own book and apply an assembly line approach to their cybersecurity.
Even after the infamous cyberattacks of WannaCry and NotPetya that cost manufacturers millions of dollars in 2017, nearly half of all manufacturing companies still suffered a data breach in the past year. Threats are evolving so quickly that manufacturers simply can’t keep up.
But by breaking down cybersecurity into its independent parts, manufacturers can better prepare for inevitable data breach attempts.
Despite the security risks associated with the Industrial Internet of Things (IIoT), connected devices have far more advantages than disadvantages on the factory floor.
The manufacturing industry must embrace digital transformation to remain resilient amid a tight labor market, shifting trade policies, and a global economy hit hard by COVID-19.
IIoT devices can help manufacturers improve performance, access consistent reports and insights, improve process visibility and customize their capabilities more seamlessly.
Think back to the 2016 attack on Dyn, a domain name system (DNS), which brought down major sites including Twitter, Netflix, Paypal and Spotify. Groups of automated harmful programs, or botnets, attacked IoT devices in what was, at the time, the largest DDoS attack in history.
According to a study conducted by IBM, the average time to identify a data breach is 197 days, the average time to contain a data breach once identified is 69 days and the average cost of a data breach in the U.S. is $7.91 million.
In the words of former FBI Director Robert S. Mueller III, “It is no longer a question of ‘if,’ but ‘when’ and ‘how often.’
There are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”
Even though data breaches are inevitable, manufacturers can still take the right precautions to decrease their magnitude and mitigate potential damage.
Think about cybersecurity like a product in your assembly line. At every stage in the process, something new gets added, until you’ve assembled the final product. But if you stop adding new pieces in the middle of the process and try to use the product, it likely won’t work properly.
Managing cybersecurity like an assembly line requires strategies for every part of the process.
Segmentation restricts network access to approved users and gives IT teams the ability to better control, monitor and protect the flow of information. If one subnetwork gets hacked, the risk of spread and the amount of data compromised are much lower.
Additionally, manufacturers should establish device geofencing, which provides an added layer of access control and streamlines BYOD management. These boundaries limit access to certain applications or devices and track compliance within a specific geographical perimeter.
A geographical perimeter can also be set up as a “device fence” — to alert system administrators when company-owned devices leave the premises or the device can be set to automatically shut off access.
These employees are usually overworked and lack the necessary checks and balances of a fully staffed IT department. It should come as no surprise then that the burnout rate is incredibly high among these professionals — adding further strain to manufacturers trying to compete in a tight labor market.
Managed security service providers (MSSPs) can fill in the gaps that IT departments can’t manage single-handedly. External specialists not only have access to a much broader cybersecurity toolkit than in-house staff, they also often cost less than hiring an entire internal team. And the savings in reduced malware infection rates are invaluable.
The MSSPs approach includes a perimeter defense, endpoint security, intrusion detection and prevention systems (IDPs). The MSSPs also provide security information and event management (SIEM).
No, the pace of IIoT cyberattacks isn’t letting up — they’re intensifying in the wake of the coronavirus.
It’s only a matter of time before your manufacturing company is breached — if you haven’t been already.
Know that the right combination of security layers can help you detect and prevent more breaches, and recover quicker when the inevitable strikes.
Image Credit: Ivy Son; Pexels
The post Manufacturers: Approach Cybersecurity Like Your Assembly Line appeared first on ReadWrite.