While smart factories are revolutionizing the manufacturing industry through innovation, being connected comes with new risk factors that must be addressed. A Deloitte study revealed that 48% of manufacturers identified operational risks—including cybersecurity—as the greatest danger to their factories.
Manufacturing can be a lucrative ‘get’ for cyber attackers, targeting a company's intellectual property or blocking production. Businesses risk financial, time and productivity losses if they don’t get the balance right. So, how can a business ensure it is safe?
Here are six things to consider.
1. Understand the security requirements and risk
The cloud offers manufacturers an unprecedented level of flexibility, from lights-out manufacturing to remote real-time data. But this level of connection can expose your business to attack.
While it may be your first concern, the risk isn’t limited to connected machines. Manufacturers can also be vulnerable to phishing attacks, ransomware and internal breaches. This means company phones, email addresses and laptops should all be protected. Relying on supply chains also means manufacturing can be disrupted by attacks on suppliers and distributors. Having a clear picture of risk areas is the first step to creating a secure network.
2. Document policies and processes
A false sense of security can be devastating to a manufacturing business if a cyberattack eventuates. Even if the company is on top of what needs to be done, it must ensure everyone in the business understands the risks—human behavior is a significant factor in compromised systems.
- Clearly document security measures.
- Implement a policy of regular security reviews.
- Apply software updates as they are made available.
- Teach staff about the benefits of strong passwords and two-factor authentication.
- Ensure new employees are educated as part of their onboarding.
- Introduce a “principle of least privilege”—give employees the minimum permissions they need to perform their duties.
3. Choose secure machines
Operational technology, including tooling machines, creates endless opportunities for manufacturers. In the past, these machines had no external links to networks and so were not vulnerable to digital attacks.
Running machines 24/7 means relying on the network to remain secure even when operators are not there. Because of these risks, ANCA machines have been designed to use whitelisting to ascertain networks can only be accessed by predetermined parties. That means new software and devices must be authorized before they can be added, massively reducing the risk of introducing viruses, malware or weak points. Each piece of software has been thoroughly assessed for vulnerabilities before being whitelisted, so manufacturers can be assured of their machines’ security.
4. Get a clear picture of the whole network
If using a tooling machine, the company is exposing its systems to external third parties. The potential consequences are that the company could lose data, productivity time, or require ongoing maintenance. The machine is being put at risk.
A manufacturing business isn’t just the machines in the factory. It includes other businesses—like material suppliers, logistics companies and even accountants—and all of their extended networks. Any vulnerability they have can affect the business outcomes.
Speak to each of the stakeholders about what they do to protect their networks. The company may not be able to change its approach, but it will help to mitigate risks, for example, by choosing a more secure supplier or looking into vertical integration.
5. Make regular offline backups
Even the most secure cloud and digital systems can fail. To ensure the IP is as robust as possible, and to limit the impact on productivity, managers should be performing regular offline backups away from a network.
It’s best to be overcautious. Store multiple backups in different places to better distribute the risk of further data loss—and make sure those locations are secure, too.
Automating this process eliminates the need to remember to do it (often until it’s too late) but performing periodic manual backups will provide the best coverage.
6. Be ready to adapt
Cybercrime is big business—some reports suggest it’s the equivalent of the world’s third-largest economy, inflicting damages in the trillions of dollars every year. Globally, spending on cybersecurity is expected to grow to almost $350 billion by 2026.
With so much at stake, the goalposts are constantly changing. New viruses appear in the market every day, with rapid patching and greater security a constant feature. To guarantee a business’s ongoing safety, be ready to respond to new threats by frequently updating all software—not just to the antivirus software—and deferring to machine experts as situations change.