At one time, cybersecurity was largely a concern of the Information Technology and modern computing industries, yet few others. Thanks to modern advancements, however, that time has long passed. We now know that nearly every industry — including manufacturing — has to be concerned with modern security, and not doing so can have detrimental effects.
Manufacturing is the second most attacked industry in regards to cybersecurity. As previously pointed out last week’s post, Manufacturing’s Cybersecurity Problem, an attack on a single configuration file in manufacturing can have sweeping repercussions, namely because everything is done on a grand scale in the industry.
What needs to be done to protect factories, plants and hardware from external attacks? How can a company lock down their network and systems in the era of IoT sensors and gear?
1. Security Starts at the Foundation
Since intellectual property theft is as problematic as data and virtual theft, security, authentication and proper administrative hierarchies must be established as early as possible. Around the perimeter of a plant, various physical measures should be put in place with limited access. We’re talking about fences, cameras, access card readers and biometrics. Prevent access to the sensitive equipment physically and locally by implementing proper security protocols on every property.
Next, ensure that any and all employees have the appropriate training and knowledge to remain protected themselves, and help keep the property and equipment protected. This means training your staff, in full, on the dangers of cybersecurity and how to prevent unauthorized access. Many security breaches happen, believe it or not, due to employee or personnel negligence.
Finally, ensure the proper protection and bleeding edge measures are put in place. Keeping computer and systems up-to-date, for instance, with all the latest security patches and releases can help prevent an intrusion as much as putting traditional security measures in place. Security certifications are another important aspect of locking down systems and software, and should be a priority as well
2. Secure Automation Networks
Much of the hardware and systems in a plant are automated or set to run with little to no oversight. When this works properly, it keeps the entire development and production process moving forward. Unfortunately, it also makes for an easy target for cyber attackers and should they gain control they can wreak havoc for an extended time, most likely with few parties noticing.
That is unless, of course, you have proper security measures in place for your automation networks and systems. You’ll want a monitoring tool or party that can discern unauthorized access or strange behavior. The network itself should be protected with a series of firewalls or a DMZ (demilitarized zone).
More importantly, ensure that should anyone gain access — even temporarily — the entire system is locked down anyway, providing little to no support for unauthorized parties. Again, this can be done using multi-tiered levels of authentication and active monitoring tools.
3. Have an Incident Plan Established
Many spend a majority of their time putting preventative measures and systems in place, yet have no idea how to handle operations in the aftermath of an attack. It’s important that when you identify a breach or vulnerability you take the proper measures to regain access to your network and prevent further access from unwanted parties. Often, cyber attacks are not something that happen in an isolated timeframe. When an attacker gains access to a network or system, they will continue to tap in, causing more damage, stealing more data and lurking around.
You must draft and implement a proper incident response plan to deal with attacks when they happen, but also to keep everyone organized and focused following an event.
4. Invest In Penetration Testing
You may have excellent security measures and systems in place, but you’ll never know if you don’t put them through their paces. According to Sikich, only a third of companies surveyed admitted they conduct penetration testing annually. That’s incredibly disconcerting.
You see, penetration testing is about more than just attacking your own system and looking for holes. It’s also about regularly maintaining your network, systems and hardware to deal with evolving attacks and solutions.
5. Hold Partners Accountable
While vendors, suppliers and various parties your company interacts with are not directly working for you, they still have a responsibility to secure and help protect your joint operations. This means they should be held to the same level of accountability as your internal workforce.
Ensure your legal team includes security guidelines and protocols into all vendor and partner agreements. Vet partners to be sure they have the proper tools and knowledge to protect and secure their own systems, as well as yours. Come up with collaborative incident response plans, and data security policies to ensure everyone is on the same page. Finally, include third-parties and partners in your network testing process.
Security is very much a joint and collaborative effort across an entire organization and various involved parties, including partners and vendors. If you don’t get everyone onboard and serious about it, you might as well open your arms to potential attacks.
Photos: Nicole De Khors, Paladion.