English

Six ways to make sure your manufacturing business is cyber-secure

Receive ANCA news direct to your inbox

Stay updated on the latest tips and technology

Subscribe

Privacy Policy

While smart factories are revolutionising the manufacturing industry through innovation, being connected comes with new risk factors that must be addressed. A Deloitte study revealed that 48% of manufacturers identified operational risks—including cybersecurity—as the greatest danger to their factories.
 
Manufacturing can be a lucrative ‘get’ for cyberattackers, targeting your intellectual property or blocking production. Businesses risk financial, time and productivity losses if they don’t get the balance right. So, how can you make sure your business is safe?
 
  1. Understand your security requirements and risk
 
The cloud offers manufacturers an unprecedented level of flexibility, from lights-out manufacturing to remote real-time data. But this level of connection can expose your business to attack.
 
While it may be your first concern, the risk isn’t limited to connected machines. Manufacturers can also be vulnerable to phishing attacks, ransomware and internal breaches, among others. This means company phones, email addresses and laptops should all be protected. Relying on supply chains also means manufacturing can be disrupted by attacks on suppliers and distributors. Having a clear picture of risk areas is the first step to creating a secure network.

  
  1. Document your policies and processes
 
A false sense of security can be devastating to a manufacturing business if a cyberattack eventuates. Even if you’re on top of what needs to be done, you must ensure everyone in the business understands the risks—human behaviour is a significant factor in compromised systems!
 
  • Clearly document your security measures.
  • Implement a policy of regular security reviews.
  • Apply software updates as they’re made available.
  • Teach staff about the benefits of strong passwords and two-factor authentication.
  • Ensure new employees are educated as part of their induction.
  • Introduce a “principle of least privilege”—give employees the minimum permissions they need to perform their duties.
 
  1. Choose secure machines
 
Operational technology, including tooling machines, creates endless opportunities for manufacturers. In the past, these machines had no external links to networks and so weren’t vulnerable to digital attacks.
 
Running machines 24/7 means relying on the network to remain secure even when you’re not there. Because of these risks, machines at our sister company ANCA CNC Machines have been designed to use whitelisting to ascertain networks can only be accessed by predetermined parties. That means new software and devices must be authorised before they can be added, massively reducing the risk of introducing viruses, malware or weak points. Each piece of software has been thoroughly assessed for vulnerabilities before being whitelisted, so manufacturers can be assured of their machines’ security.



 
  1. Get a clear picture of your whole network
 
If you're using a tooling machine, you're exposing your systems to external third parties. The potential consequences are that you could lose data, you could lose productivity time, or you’ll have ongoing maintenance. You’re putting your machine at risk.
 
Your manufacturing business isn’t just the machines in your factory. It includes other businesses— like material suppliers, logistics companies and even accountants—and all of their extended networks. Any vulnerability they have can affect your business outcomes.
 
Speak to each of your stakeholders about what they do to protect their networks. You may not be able to change their approach, but it’ll help you to mitigate the risk at your end, for example, by choosing a more secure supplier or looking into vertical integration.
 
  1. Make regular offline backups
 
Even the most secure cloud and digital systems can fail. To ensure your IP is as robust as possible, and to limit the impact on your productivity, you should be performing regular offline backups away from your network.
 
It’s best to be overcautious. Store multiple backups in different places to better distribute the risk of further data loss—and make sure those locations are secure, too.
 
Automating this process eliminates the need to remember to do it (often until it’s too late) but performing periodic manual backups will give you the best coverage.
 
  1. Be ready to adapt as things change

Cybercrime is big business—some reports suggest it’s the equivalent of the world’s third-largest economy, inflicting damages in the trillions of dollars every year. Globally, spending on cybersecurity is expected to grow to almost US$350 billion by 2026.(1,2)
 
With so much at stake, the goalposts are constantly changing. New viruses appear in the market every day, with rapid patching and greater security a constant feature. To guarantee your business’s ongoing safety, be ready to respond to new threats by frequently updating all software—not just your antivirus—and deferring to machine experts as situations change.

[1] https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
[2] https://cybersecurityventures.com/cybersecurity-market-report/

29 April 2021