What We Do
How we do it
Resources
SECURITY ADVISORIES
Jul 29, 2021
UPDATE: PetitPotam NTLM Relay Attack
THE THREAT PetitPotam is a variant of the NTLM Relay attack discovered by security researcher Gilles Lionel. It is tracked as an authentication bypass vulnerability in Active Directory (Certificate Services); currently no CVE identifier has been assigned to this vulnerability. Proof of Concept (PoC) code released last week [1] relies on the Encrypting File System Remote (EFSRPC) protocol to…
Read More
View all Advisories →
Company
ABOUT eSENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Jul 12, 2021
Tecala and eSentire Partner to Protect Enterprises across APAC from Business-Disrupting Cyber Attacks
Sydney, 12 July, 2021 - Tecala, Australia’s award-winning technology services and IT consulting provider, today announced it has chosen eSentire, the global Authority in Managed Detection and Response (MDR) cybersecurity services, as their exclusive MDR solution provider in Australia and New Zealand. This partnership will enable Tecala to augment its cybersecurity practice and offer enterprises…
Read More
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Resources
Blog — Jul 15, 2019

Cybersecurity for the modern manufacturing plant

4 min read

Originally posted in Industry Today on July 10 ,2019

Modern manufacturing faces a trinity of issues when it comes to cybersecurity. First is the merging of manufacturing IT and OT ecosystems and the adoption of new technologies. Second is the increasingly sophisticated cyber criminals who will exploit any vulnerability. Third is the resulting board and executive level of accountability when it comes to cyber risks. To succeed in today’s digital economy, manufacturing companies need to fully understand why and how each of these areas affect security.

Digital transformation and emerging technologies

As operational (OT) and information technology (IT) systems converge and blend into one ecosystem, the job of securing these systems typically sits in two different teams who aren’t used to talking to each other. This is a cultural barrier that must be overcome. Historically, manufacturers have interacted with not one technology team, but two. And these two teams aren’t aligned.

IT teams move at a fast pace to cope with evolving technology for their administrative networks. They regularly reconfigure and refresh equipment and software to cope with new business challenges. OT teams, on the other hand, think in much longer terms. They expect their technologies, like programmable logic controllers and distributed control systems, to be in place for many years. What’s more, IT and OT don’t speak the same language. The DevOps, agile sprints and canary software releases that come up in IT meetings are worlds away from plant-floor technology discussions.

And at the same time, manufacturing firms are adopting new technologies like cloud, machine learning and analytics, and IoT/IIoT, which all come with their own cyber risks. These technologies reduce errors, increase productivity, make better production projections and more. That leads to cost savings, increased profits and competitive advantage. However, they also eradicate the “air gap” that once kept OT systems off the internet and safe from attack.

This provides new opportunities for attackers. Cyber criminals are getting more brazen as they continue to adapt to new technologies and systems. They will prey on the areas they find most lucrative, which includes law firms, healthcare organizations and manufacturers. And in particular, smaller and medium-sized manufacturers typically make easier targets than larger organizations. That’s because they often don’t realize how valuable their data and intellectual property are.

Accountability remains a core issue

In a 2018 FutureWatch report conducted by eSentire, manufacturing firms self-ranked higher than financial institutions when it came to vulnerability to cyber attacks.

Manufacturers are starting to understand that cybersecurity is a board-level issue; they need to view it as an enterprise problem, not just a technology problem. OT risk and IT risk both jeopardize the business.

To overcome this enterprise problem, manufacturers need to create cybersecurity best practices and policies. This requires top-level coordination, which in turn requires cybersecurity to be a core strategic issue, with a chain of command and clear allocation of responsibilities. That means it must start at the board level.

Risk management is a key component of cybersecurity. Manufacturers will need both IT and OT’s help in identifying cybersecurity risks and prioritizing them based on likelihood and impact. Teams can weigh vulnerabilities based on their impact to those assets that are mission-critical to the company.

In addition to overseeing internal systems, manufacturers must extend risk management and cybersecurity protections to their supply chain partners’ security issues, too. To do this, they must identify the risk associated with the supply chain and contractually obligate those supply chain elements to specific security standards. A manufacturer should behave like a privacy regulator by establishing a cybersecurity trigger, so that when an event occurs, they must report it in a certain time frame.

Dotting cyber I’s and crossing cyber T’s

Attacks on manufacturing firms don’t show any signs of slowing down and, in fact, will likely increase. There are no magic bullets, but there are several key steps that firms can take to reduce risk and improve their ability to respond and recover:

United you stand

With so many new technologies at its disposal, the manufacturing sector has an exciting future. Possibilities abound for new processes and products, greater efficiencies and higher revenues. But along with these opportunities come the risks of an expanded threat landscape and the need for a comprehensive cybersecurity strategy. This strategy must start at the board level and align OT and IT teams to create a united front.

Mark Sangster
Mark Sangster Vice President and Industry Security Strategist

Mark is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations.