Manufacturing has opened the door to cyber threats – how to get cyber-savvy. By Reidar Boldevin 

The rise of digital technologies such as IoT, cloud computing, and automation has left manufacturing systems exposed to cyber threats. As a result, the industry has been the most cyberattacked sector for three consecutive years. To avoid further financial and reputational damage, manufacturers must manage their Operational Technology (OT) and Informational Technology (IT) by segmenting networks, controlling access, and constantly monitoring their systems. 

a modern manufacturing or industrial facility, likely showcasing a production line or automated machineryFrom the top to the bottom – everyone needs to be cyber-savvy 

Cybersecurity is more than just an IT problem! Manufacturers need to view cybersecurity differently and that starts by not delegating it to Security Operations Centre (SOC) teams, but by implementing measures across all business operation levels. 

  1. Highlight the cyber weak areas

First, manufacturers must assess the current level of digital readiness with a digital awareness check. As a top priority, manufacturers need to secure the boundary between IT and OT, and this involves safeguarding critical assets and preventing unauthorized access. 

Manufacturers can prioritize cybersecurity efforts by quantifying risks and assessing the impact on operations in case of outages. Without this step, manufacturers will accumulate several security systems that don’t meet their needs, and this can lead to inefficiencies and potential security risks. 

Preparation is key to recovery 

It’s important to have a business continuity plan for critical IT incidents. This will enable essential functions to continue for a limited time and help manufacturers manage supply chain disruption more effectively. A structured disaster recovery plan, understood by every employee, should follow to establish plans for response to cybersecurity incidents and minimize operational downtime. 

  1. Data is king, effective data governance will treat it like one

Manufacturing companies possess invaluable data that optimizes operations and drives innovation but without proper management and security, this data poses a significant security risk. Every piece of information can paint a comprehensive picture of a company’s operations, strategies, and vulnerabilities. This is where effective data governance policies and procedures can prevent data from falling into the wrong hands. 

Data audits can assess the sensitivity and criticality of datasets and evaluate existing security measures and controls. Machine learning and AI technologies can help here by identifying pattern anomalies and potential data threats, enabling proactive risk management and threat detection. 

  1. Stay one regulatory step ahead

Cybersecurity can also safeguard a company’s brand perception. Manufacturers can reinforce customer trust by staying up-to-date on the latest cybersecurity certifications and regulations to show the market that the company prioritizes security. 

The Network and Information Security Directive (NIS2) is the next legislation set to impact manufacturing organizations that operate in the EU. The directive aims to build on previous regulations by implementing more robust cybersecurity and resilience standards, as well as more stringent reporting measures. 

Prepare to withstand supply chain disruptions 

To complete preparations for NIS2, companies will need to manage the cybersecurity risks associated with suppliers and ensure that appropriate security measures are in place throughout the supply chain. This presents an opportunity for companies to strengthen supply chains and build resilient relationships with suppliers. 

  1. Control access to lock down any weak links

The connectivity between OT and IT environments allows employees to work across interfaces but it also creates risks for workstations. An infected work terminal can become a stepping stone to the production environment. Access management can help manufacturers introduce authorization measures that ensure employees only access what they need, when they need it, and from approved locations. 

The rise of home offices adds a new cybersecurity challenge 

With more people working remotely and, on their devices, it’s important to consider the security implications of non-compliant devices. This is where stronger access controls and authentication methods can keep sensitive data and systems safe from potential threats. 

  1. Defend from the front with a cyber-secure mindset

According to IBM’s X-Force Threat Intelligence Index report, cyber threats are more likely to come through a company’s employees. Cybersecurity measures are an industrial manufacturing facility, specifically showcasing robotic arms on an assembly line only effective if employees understand best practices – so it’s important to train employees to adapt and excel with more secure workflows. 

But don’t let measures affect workflow 

Robust access management processes supported by efficient tools can reduce delays and frustration for employees while maintaining security standards. Single sign-on for instance, which consolidates access to various systems under one account, improves security and adheres to zero-trust practices without sacrificing user convenience. 

Securing the new line of digital defense in manufacturing 

As much as manufacturers want to prioritize connectivity to boost production, this will only be achievable by also prioritizing cybersecurity! One cyber slip-up could have catastrophic effects, which is why manufacturers must act now to prevent the next cyber-attack.  

Reidar Boldevin  

www.columbusglobal.com  

Reidar Boldevin is Consulting Manager – Security at Columbus, a global digital consultancy specialized in solving complex challenges for customers in the manufacturing, retail & distribution, food & beverage, and life science industries. With over 1600 digital advisors in more than ten countries, it delivers business-critical solutions in areas such as CloudERP, Data & Analytics, Application Management, Digital Commerce, Cybersecurity, AI Innovation, and ESG. With headquarters in Denmark and a presence worldwide, it ensures local delivery of services on a global scale.