The ever-growing number of cyberattacks has much of the manufacturing industry on edge – and for good reason. According to a June 2021 report from Morphisec, one in five manufacturers in the US and UK have experienced a cyberattack in the last 12 months. As a whole, manufacturing plants reported three times as many ransomware attacks in 2020 as the previous year.
Cybersecurity has notably reached the highest office of the United States, with President Biden signing an executive order on May 12 after a string of recent attacks on federal agencies. The order outlines a “software bill of materials” that requires government vendors to provide specific tools that will help agencies identify their most vulnerable networks. It’s an important first step in the fight against virtual attacks, but these changes will have to make their way into private organizations in order to more significantly impact the manufacturing industry.
Cyberattacks bring up obvious security and financial concerns for manufacturers, but there are many other hidden dangers to these threats. One compromised plant can result in a backlog through the entire industry’s supply chain, leading to some of the product shortages we’re currently experiencing.
When attacks seem to be coming from all sides, it’s difficult to feel truly secure in the safety of your business. However, experts have noted how essential it is to work with a cybersecurity team and ask them some key questions to decrease your risk for a potential cyber threat.
What’s the status of our internal electronic connections?
According to a security expert from PricewaterhouseCoopers, assessing vulnerable connections between departments is critical to stop cyber threats before they happen. Performing a review of all tools and assets shared throughout the organization has helped other companies catch weak links in their electronic defenses and ensure sensitive information has all the proper barriers in place. You may also want to ask your IT department about the best ways to communicate with them in the event that you discover a threat or vulnerable channel. Providing a clear path of communication can help move emergency actions along much more quickly – and once you discover a cyber threat, every second counts.
Are there any parameters to remote work?
Working from home has added flexibility and physical safety for employees at many companies, but unfortunately, it’s also opened the door to cyberattacks. Data from a recent survey of IT and cybersecurity professionals indicates that remote work caused security breaches in 20% of all organizations last year. For organizations that use remote work in some capacity, it’s essential to consult your cybersecurity team about the tools currently in place to prevent hackers from stealing remote access and capturing confidential information. If you haven’t yet added any security features to address these risks, consider asking about geographic limits for remote access, multi-factor authentication, and heightened control over user permissions to your network.
Do we have protected backups in place?
For all too many businesses, cyberattacks eventually do become a reality. If your plant experiences a security threat, do you have a backup of your most critical data to get operations back up as soon as possible? And what methods does your cybersecurity team have in place to protect those backups? According to IndustryWeek, manufacturers who store monthly backups of all their data at a safe off-site location are able to recover more quickly from a cyberattack. If essential information is lost in an attack with no way to get it back, recovery may take weeks, if not months, leading to drastic delays, wasted product and lost revenue.
Vendors and partners are also an important group to consult about cybersecurity. Though they exist outside of your organization, they will likely have sensitive information about your products or services within their own network. To ensure you company is fully protected, be sure to talk to your current vendors about their cybersecurity plans and ask any new partners about their security practices before entering into an agreement. For other concerns you may have about your organization’s cybersecurity, don’t hesitate to reach out to your IT department or a trusted team of security experts in your area. These experts can provide more detailed advice for your specific needs and help you design strategic processes, giving your business as much protection as possible.