Many Manufacturers Still Falling Short in Cybersecurity

Despite the constant news about the growing cyber threats in the manufacturing industry, many manufacturers are still falling short in cybersecurity planning.

Despite the constant news about the growing cyber threats in the manufacturing industry, many manufacturers are still falling short with cybersecurity planning Despite the constant news about the growing cyber threats in the manufacturing industry, many manufacturers are still falling short with cybersecurity planning and operating antiquated systems that leave them vulnerable to attack.

Rebecca Taylor, senior vice president of strategic partnerships at the National Center for Manufacturing Sciences, said in a presentation at the recent Automation Conference in Chicago that while 47 percent of manufacturers polled said no cybersecurity attacks have taken place, many companies keep attacks a secret or don’t even know they have been subjected to an attack.  Some of the most common vulnerabilities manufacturers have are unsecured IoT devices, unpatched operating systems, denial of service, malware, coin-mining, ransomware and spear phishing.

Taylor noted today’s ICS (industrial control system) environment is difficult to secure because they have traditionally been protected from cyberattacks by physical isolation, an approach that no longer works. Many manufacturers are trying to integrate new technologies while still running part of their ISC systems on antiquated systems like Windows 98 or Windows 2000. A survey by Deloitte also found that only half of companies segment or isolate their ICS networks from their standard networks, a growing problem when deployments of IoT devices are on the rise.

In 2017, an attack by the NotPetya virus forced Merck to halt production. A Honda facility in Japan was also forced to shut down production last year after the WannaCry virus infected the network. While nearly half of survey respondents to the NCMS survey said they had no breaches, 18 percent admitted to a removable media breach, 12 percent said they had an “other” breach and 9 percent said they had a denial of service attack.

“Even with a hardened target, no organization is ever fully immune to attacks.”

Taylor said in a whitepaper at the organization’s website that small manufactures are especially at risk as they often ignore the topic because of a lack of time and in-house resources. As a result, many who rely heavily on technology for production do not have a cyber protection plan in place to protect their critical assets.

Deloitte Risk and Financial Advisory principals Rene Waslo and Tyler Lewis said in a sponsored post on The Wall Street Journal that today’s connected technologies can increase the risks manufacturers face. While technologies like IoT, analytics, robotics, artificial intelligence and other advanced technologies can bring great benefits, the “elevated threats” can’t be ignored, said Waslo and Lewis.

Manufacturers must implement integrated cybersecurity plans that cover the three essential areas of digital supply networks, smart factories and connected devices. An integrated approach should build in security from the start and protect sensitive data throughout the lifecycle with strong encryption, AI and machine learning solutions to create robust and responsive threat intelligence.

As these connected technologies will only become more complex and integrated in the future, Waslo and Lewis noted there is no “simple patch or fix.” Manufacturers must continually reassess their business continuity, disaster recovery and response plans. “Even with a hardened target, no organization is ever fully immune to attacks. Cyber resiliency begins with accepting the fact that someday the organization could fall victim and then carefully crafting a plan for readiness, response, and recovery. Clearly defined roles, war-gaming exercise, and post-even analysis can all help,” said Waslo and Lewis.


MORE LIKE THIS

  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events

    Roundtable

    Strategic Planning Workshop

    1:00 - 5:00 pm

    We are in a period of rapid change. Customer needs, technologies, competitors and internal capabilities require companies to review and update their strategies for the new realities. In this workshop, strategy experts Steve Rutan and Denise Harrison will show you a systematic approach to strategic planning to help you refine or redefine your business strategy and approach including:

    • Learn what you need to know to develop an effective strategic plan. Put the right players on the strategic planning team.
    • Develop strategies that leverage your company’s unique position in the marketplace. Lift your management team beyond “business as usual” thought processes and activities.
    • Translate your strategies into action. Achieve your vision for success and generate superior financial results.
    • Identify exactly what you need to do now to position your company for future success.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.