Manufacturing production is expected to grow 2.4% between 2023 and 2028, and cyber threats facing the industry continue to increase. According to the World Economic Forum, the manufacturing industry had the highest share of cyber attacks among leading global industries in 2022 and by the third quarter of 2023, that figure had already risen by 15%. The actual amount of cyber attacks might even be higher, since manufacturers aren’t governed by the same compliance reporting requirements like the healthcare, financial services, telecommunications, or energy industries.
What’s more, these frequent incidents are becoming increasingly complex and costly as technology evolves. Gaps in security multiplied by advances in AI and ML allow cyber criminals to automate highly targeted attacks, resulting in large-scale incidents and breaches that require minimal human effort to administer. As the potential severity of these attacks grows, it’s never been more important for manufacturers to proactively mitigate threats before their operations and supply chain are devastated. Here are three unique opportunities manufacturers should prioritize in 2024 to build cyber resilience.
Secure the supply chain
Why are cyber attackers even targeting the manufacturing industry? The complexity and interconnectedness of modern software and hardware supply chains position manufacturers as desirable targets for cybercriminals and state-sponsored hackers.
Manufacturers rely on a highly interconnected network of technologies. When an attack is successful, cybercriminals gain access to sensitive information not just from one company, but across hundreds or even thousands of corporate and government networks. The high number of vulnerable endpoints across environments heightens the interest of attackers. And unfortunately, endpoint agents can’t be installed on every kind of manufacturing device. Especially if the organization utilizes legacy or closed systems, which obscures visibility and ultimately turns a supplier into a sitting duck.
In conversation with Manufacturing.net, Chandrodaya Prasad of SonicWall predicts that this trend will continue.
“In 2024, we expect to see the trend of attacking suppliers, instead of direct targets, escalate - making supply chain security a significant concern for organizations.” -- Chandrodaya Prasad, SonicWall
It’s likely that this will result in more regulation and stricter compliance regulations down the road, along with changes in how and where sensitive information is stored.
Shift to the cloud, safely
As manufacturers evolve towards a safer operating environment, those who haven’t done so already should look into moving their data to the cloud. But if not orchestrated carefully, moving to the cloud can expose manufacturers to some of the same risks storing data on-prem presents. This could result in:
- Cloud misconfigurations
- Vulnerabilities due to outdated hardware or software
- Data breaches and loss
So what do manufacturers need to consider before connecting equipment and manufacturing assets? It’s important to understand what kind of cloud environment – whether public, private, or hybrid – is right for their security needs.
As IT and security leaders in the manufacturing industry make this decision, they’ll want to pick one that helps gain faster access to insights and achieve cloud compliance, while still protecting assets and innovations. Gaining full visibility helps manufacturers like Axonius customer Wacom see which devices are managed by which systems and identify any gaps – which is incredibly important when securely moving to the cloud.
Ensure intellectual property remains protected
For manufacturers, the theft of intellectual property (IP) can be incredibly damaging from an operational, financial, and reputational perspective. And IP assets – which can be associated with legacy systems, outdated software, and a frequent need for remote access – are highly vulnerable to security issues like phishing, ransomware, and unauthorized users.
By planning ahead before a cyber incident occurs, manufacturers can build a safety net around their IP. Here are a few strategies:
- Form a strong incident response plan: Enable teams to act efficiently during times of crisis by documenting an incident response plan.
- Conduct regular audits and assessments: Remain compliant with security guidelines and regulations by regularly assessing security programs.
- Strengthen vendor and supply chain security: Examine the safety and security programs of vendors across the supply chain to ensure standards are met before granting access into closed environments.
How to build cyber resilience
The first step towards a stronger security posture is gaining visibility, context, and the ability to continuously monitor assets across networks, plants, and clouds. Yet, traditional IT asset management doesn’t meet the unique needs of manufacturers. Many of today’s methods of discovering and managing assets aren’t applicable to OT systems, since they might interfere with manufacturing devices.
Cyber asset attack surface management (CAASM) solutions like the Axonius Platform help manufacturers track and secure assets and users across disparate, complex environments, bringing them together in a single, comprehensive view. Here’s what the Axonius platform helps manufacturers achieve:
- Identify all internet-connected assets, whether IT, OT, or IIoT.
- Learn the relationships and interdependencies between assets to help determine when an event could lead to downstream impacts.
- Highlight cyber vulnerabilities that could threaten the normal operation of the environment.
- Correlate asset data between systems on a network, including subnetworks, and between distributed environments and networks.
- Continuously monitor smart manufacturing technology and respond quickly to resolve issues before they become incidents.
- Automate a wide array of remediation actions such as alerting, deploying software, running remote commands, updating vulnerability scans, and enabling or disabling users.
Axonius gives manufacturers visibility into all IT and OT assets, adds rich context, and helps operators detect and remediate assets missing controls or violating policies.