Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Protect assets from ransomware, trojans, rootkits and more.
Intelligence and visibility across AWS, O365, DevOps and more.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Originally posted in Industry Today on July 10 ,2019
Modern manufacturing faces a trinity of issues when it comes to cybersecurity. First is the merging of manufacturing IT and OT ecosystems and the adoption of new technologies. Second is the increasingly sophisticated cyber criminals who will exploit any vulnerability. Third is the resulting board and executive level of accountability when it comes to cyber risks. To succeed in today’s digital economy, manufacturing companies need to fully understand why and how each of these areas affect security.
As operational (OT) and information technology (IT) systems converge and blend into one ecosystem, the job of securing these systems typically sits in two different teams who aren’t used to talking to each other. This is a cultural barrier that must be overcome. Historically, manufacturers have interacted with not one technology team, but two. And these two teams aren’t aligned.
IT teams move at a fast pace to cope with evolving technology for their administrative networks. They regularly reconfigure and refresh equipment and software to cope with new business challenges. OT teams, on the other hand, think in much longer terms. They expect their technologies, like programmable logic controllers and distributed control systems, to be in place for many years. What’s more, IT and OT don’t speak the same language. The DevOps, agile sprints and canary software releases that come up in IT meetings are worlds away from plant-floor technology discussions.
And at the same time, manufacturing firms are adopting new technologies like cloud, machine learning and analytics, and IoT/IIoT, which all come with their own cyber risks. These technologies reduce errors, increase productivity, make better production projections and more. That leads to cost savings, increased profits and competitive advantage. However, they also eradicate the “air gap” that once kept OT systems off the internet and safe from attack.
This provides new opportunities for attackers. Cyber criminals are getting more brazen as they continue to adapt to new technologies and systems. They will prey on the areas they find most lucrative, which includes law firms, healthcare organizations and manufacturers. And in particular, smaller and medium-sized manufacturers typically make easier targets than larger organizations. That’s because they often don’t realize how valuable their data and intellectual property are.
In a 2018 FutureWatch report conducted by eSentire, manufacturing firms self-ranked higher than financial institutions when it came to vulnerability to cyber attacks.
Manufacturers are starting to understand that cybersecurity is a board-level issue; they need to view it as an enterprise problem, not just a technology problem. OT risk and IT risk both jeopardize the business.
To overcome this enterprise problem, manufacturers need to create cybersecurity best practices and policies. This requires top-level coordination, which in turn requires cybersecurity to be a core strategic issue, with a chain of command and clear allocation of responsibilities. That means it must start at the board level.
Risk management is a key component of cybersecurity. Manufacturers will need both IT and OT’s help in identifying cybersecurity risks and prioritizing them based on likelihood and impact. Teams can weigh vulnerabilities based on their impact to those assets that are mission-critical to the company.
In addition to overseeing internal systems, manufacturers must extend risk management and cybersecurity protections to their supply chain partners’ security issues, too. To do this, they must identify the risk associated with the supply chain and contractually obligate those supply chain elements to specific security standards. A manufacturer should behave like a privacy regulator by establishing a cybersecurity trigger, so that when an event occurs, they must report it in a certain time frame.
Attacks on manufacturing firms don’t show any signs of slowing down and, in fact, will likely increase. There are no magic bullets, but there are several key steps that firms can take to reduce risk and improve their ability to respond and recover:
With so many new technologies at its disposal, the manufacturing sector has an exciting future. Possibilities abound for new processes and products, greater efficiencies and higher revenues. But along with these opportunities come the risks of an expanded threat landscape and the need for a comprehensive cybersecurity strategy. This strategy must start at the board level and align OT and IT teams to create a united front.
Mark is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations.