Top Cyber Security Tips for IT Directors in Manufacturing

Why are cybercriminals targeting the manufacturing industry?

Did you know that manufacturing was the most targeted industry by cybercriminals in 2023? A recent study¹ revealed that 40% of manufacturers experienced a cyber incident within a 12-month period. Among manufacturing businesses that experienced a cyber incident, 87% reported unauthorized access, 86% faced operational disruptions, and 85% encountered intellectual property theft.

Cybercriminals focus on manufacturers due to the valuable supply chain data they possess. The interconnected systems in manufacturing often provide access to monitoring systems, designs, intellectual property (IP), and procurement data; breaching these systems can cause severe damage and downtime that can cost manufacturers $17,000 per minute. This costly downtime and potential theft of high-value data makes the manufacturing industry an attractive target for ransomware.

How can manufacturers cost-effectively scale cyber security?

1. Educate Operators on New Threats: Manufacturing companies account for nearly 25% of all ransomware attacks. By using Security Awareness Training, your operators will learn how to recognize legitimate system updates and warnings, versus malicious attacks from hackers.  

2. Regularly Evaluate & Update Equipment: With industrial control system vulnerabilities increasing by 50%, operators must ensure processes and time are dedicated to evaluating equipment/applications because outdated devices can cause overlooked vulnerabilities. Run Vulnerability Assessments to test which of your devices and systems are at risk and update them to remove unnecessary security holes.  

3. Conduct Password Audits & Use Multi-Factor Authentication: Employees can be your weakest security defense. Weak passwords have led to a data breach for 30% of users and 34% of employees on average admit to sharing passwords with coworkers.  Ensure business accounts are secure by implementing multi-factor authentication and running Penetration Tests to know which users are most vulnerable. If you employ SCADA equipment, run a Penetration Test on the layers of security around your legacy equipment, as traditional methods can cause disruptions to the supply chain.  

4. Assess Supply Chain Security: Manufacturers should prioritize the implementation of robust vendor communication protocols to ensure a consistently secure supply chain; this includes empowering vendors and employees with comprehensive training on secure document and transaction management. Additionally, internal threats can be mitigated by integrating Next-Generation Firewall, SD-WAN overlay, and Virtual Private Networks (VPNs) with some form of Managed Perimeter Security (MPS).  

5. Inventory Sensitive Data/Who Has Data Permissions: According to a recent Ponemon report, 70% of organizations stated they experienced a third-party breach from granting users too much access. When securing sensitive data, leave no stone unturned. Inventory and assess every employee/vendor who has access to what data. For more sensitive enterprise data, ensure each group understands its permission levels. Deploy a Zero Trust Endpoint Solution to enforce these new protocols and ensure only approved personnel access sensitive data.  

6. Scale Services When Needed: Cyber security is constantly evolving. Take the time to understand your in-house resources and skill set. That way, you can start assessing what and when you should outsource to a 24/7 Cyber Security Operations Center (CyberSOC).

Conclusion

It takes 34% of businesses a week or more to recover their data after a cyberattack. Prevent disruptions to production schedules by assessing and protecting your data using Claro Enterprise Solutions’ Cyber Security Suite. Discover more>