In 2020, Cisco found that 50% of large enterprises (with over 10,000 employees) are spending $1 million or more annually on security, with 43% spending $250,000 to $999,999, and just 7% spending under $250,000.
According to “2021 Cybersecurity: Assess Your Risk,” a new report from PMMI Business Intelligence, the dangers of a cyberattack are very real for these manufacturers, and it can be daunting to keep up with rapid developments in cybersecurity. While it is easy for manufacturers to feel like they are helpless in the face of sophisticated technological attacks, there are well-defined steps to protecting operational security, with the first being a comprehensive, detailed analysis of operational vulnerabilities.
Once manufacturers understand what these operational vulnerabilities are and where they are located, they can begin to secure networks and establish and enforce cybersecurity best practices at their locations. Said one cyber partner Managing Director, “A risk assessment is key to establishing a baseline of where your vulnerabilities are today, what critical data is being collected, and how that data is being protected.”
A Comprehensive Assessment Includes:
• Manufacturers must first have a thorough understanding of what their own operational vulnerabilities are and where they exist in their organization.
• Manufacturers should conduct a thorough assessment of their systems, devices, equipment, networks, and all other connection points both inside and outside their operations.
• Manufacturers will need to understand the layout of their internal networks: how individual components (including employee devices such as phones) of networks are connected, how individual networks are connected to one another, how/if remote access is allowed, and where any external connection capability (i.e., internet connectivity) resides.
Given the increase in frequency of OT-based attacks, it is especially important for organizations to have a detailed understanding of their ICS architecture. A comprehensive view into the flow of data should also be obtained: how data is collected, where it is stored, and who has access to it – this includes all edge computing and cloud computing capabilities as well.
Next – A Dedicated Team:Once a comprehensive and detailed overview of an organization’s operations and vulnerabilities is compiled, manufacturers should pivot to actively monitor for any suspicious activity. Manufacturers should strongly consider placing a dedicated team equipped with a robust suite of software designed to monitor and flag any suspicious activity in charge of observing an organization’s network activity. Companies are reporting that the burden of guarding against cyberattacks has been increasing in recent years, with 58% saying that threat detection and response has steadily grown more difficult. This struggle makes sense: as the frequency of cyberattacks has increased dramatically in recent years – one analysis estimates that $2.9 million is lost to cybercrime every minute.
Security Information and Event Management (SIEM):
A SIEM platform is an essential part of cybersecurity monitoring, giving manufacturers a detailed view of their network traffic. While all systems vary slightly and there are many vendors, a SIEM can often perform functions such as:
• Data aggregation to manage logs
• Data correlation to present information in a usable fashion
• Proactive alerts generated from automated analysis of events that can be displayed in real time on a dashboard
Data Organization:
Manufacturers need to ensure that their cybersecurity experts are properly empowered with the data they need to effectively safeguard the organization. Data and statistics on network traffic and login frequency are of no use if the team responsible for cybersecurity is unable to easily locate, access, and utilize it on-demand in a workable format.
Most Important - Vigilant Testing:
More than anything, vigilance is required for any cybersecurity strategy to be effective in the long term. Any alterations or adjustments to equipment, software, production schedules, data gathering, information reporting, personnel, and physical plant infrastructure bring with them numerous considerations for cybersecurity.
A robust cybersecurity plan requires constant updating and adjusting as new factors enter into an organization’s processes. Because of this, it is beneficial for manufacturers to periodically test their cybersecurity by performing simulated attacks to test the response; ensuring cybersecurity plans are up to do date and simultaneously maintaining the preparedness of their cybersecurity team.
Challenges:80% of companies interviewed stated that they have no idea where in their organization sensitive data was located and had no knowledge as to whether or not it was secure.
Brand manufacturers interviewed list the obstacles to attaining a more secure operation as a lack of understanding of the risks of a cyberattack, legacy equipment and software, adequate budget, staff shortages, employee carelessness, and, establishing a “security first” culture.
Download this FREE report below.
Source: PMMI Business Intelligence, “2021 Cybersecurity: Assess Your Risk”
