Seven Strategies to Defend Manufacturing Systems from Cyberthreats
Competitive threats aren’t the only risks manufacturers need to cope with. Cyber threats are among the biggest risks manufacturers face. As manufacturing equipment becomes more connected and Internet of Things capabilities extend into the plant, vulnerabilities mean risk to production operations, not just backend systems.
Top Cyber Threats Facing Manufacturers
The cyber threats manufacturers need to stand up to are varied. Deloitte reported the top 10 threats as:
- theft of intellectual property
- sophisticated malware
- third-party breaches
- social engineering
- employee errors and omissions
- financial fraud
- employee misuse of IT
- mobile devices
- mobile network vulnerabilities
Seven Strategies for Defending Against Cyber Threats
Multiple threats demand a multifaceted response. The National Cybersecurity and Communications Integration Center (NCCIC) suggests seven strategies manufacturers can use to protect their industrial control systems (with the most impactful measures listed first):
- implement application whitelisting: You can block malware from your systems by implementing a whitelist of allowed applications. Any applications not on the list will not be able to execute. This is more restrictive than blacklisting, which blocks a specific list of known applications.
- ensure proper configuration/patch management: Two major security gaps arise from incorrect system configurations and systems that don’t have all patches applied. Incorrect system configurations can disable security options or leave vulnerabilities such as default admin passwords. When patches aren’t installed across all systems, they remain vulnerable to malware as if it were still “zero day”.
- reduce attack surface area. The more systems connected to the public internet, the more potential access points for malicious actors. Reduce the vulnerability by limiting the number of connected points. This includes not just the obvious connected computers and connected industrial machinery, but smaller Internet of Things devices such as light bulbs, thermostats, and security cameras.
- build a defendable environment: Design your network to be able to contain and limit the impact of an attack. Despite the growth of the cloud, you should still be able to define a network boundary and control the flow of data into and out of those points. Networks should be segmented with enhanced controls on the segments housing sensitive data and systems.
- manage authentication: Protecting systems requires controlling access to them, meaning authentication is key to security. Have strong password policies and use multifactor authentication to add a second level of control. Use fine-grained authorization policies and conduct frequent reviews to ensure users have only the privileges they need. While single sign-on is convenient, don’t share credentials for access to high security systems.
- monitor and respond: Proactively monitor access to your network and systems. Monitor traffic patterns and user actions to identify threats. Create your response plan before an incident occurs and know how you will recover any compromised data.
- implement secure remote access: Disable unneeded vendor access to systems and implement controls, such as session timeouts, when remote access is needed. Use VPN and “bring your own device” policies to ensure connections from employee mobile devices are secure.
The biggest challenge in implementing these strategies isn’t technical; it’s the lack of experienced personnel with the expertise needed to ensure that the strategies are implemented properly. The eighth strategy for defending manufacturing systems from cyberthreats, then, is to get outside help to bring in that expertise. Prescient Solutions team of certified experts brings more than two decades of experience implementing cybersecurity solutions to our manufacturing industry clients. Contact us to learn how you can start implementing a strategic plan to achieve cybersecurity at your manufacturing site.