To keep up with the pace of production and satisfy customer demand, today’s manufacturers have gone digital. Although Industry 4.0 and the increasing use of automation and robotics on the manufacturing floor space have plugged them in, the daily barrage of cyber-attacks on their supply lines have them on their heels.
“Cyber-attacks have become a daily reality,” Doug Kim said, Attorney at Douglas Kim Law firm.
With technology such as cold storage, IoT and API in use, there is a an elevated risk of breach, he said. While there are improvements in the technical aspects of cyber-security including firewalls and encryption authentication systems, “we have under-emphasized some of the basics of a good security plan.”
And because machines are now talking to one another up and down the supply chain, Jennifer Bolling, Regional Director of Cyber Liability Practice at Arthur J. Gallagher & Co., said risk management is no longer limited to an organization’s network and operations but extends to other organizations and their vendors with an impact on a manufacturer.
Vendor controls should be reviewed and audited annually while selection of vendors should consider common privacy and security goals, she said. “You are only as strong as your weakest link and organizations should consider this when selecting vendors.”
In 2018, data compiled from a Verizon Data Breach Investigations Report showed manufacturing was the second highest industry attacked using Crimeware (malware) and led all industries in reported Social Engineering attacks.
Based on these statistics, Security Awareness Training should be a top priority for manufacturer’s in 2019.