The manufacturing sector is a prime target for hackers. These organizations tend to lack expertise and investment in cybersecurity, carry vulnerabilities in their supply chains, favor productivity over security, and maintain a low level of cyber preparedness compared to other industry sectors, making them not just a prime target but also ripe for breaching.
The data tells this story well. Statista found that in 2023 there were 259 cases of data compromise in the manufacturing and utilities industry in the United States and that the cases registered in 2022 impacted 23.9 million people. Furthermore, according to the World Economic Forum (WEF), cyber-attacks on the manufacturing industry accounted for 25.7% of all attacks, with ransomware involved in 71% of these incidents. As a result of attacks costing 125% more each year, cyber risk is now seen as the third biggest outside risk to manufacturers.
The WEF also noted that cyber-attacks on the industry were caused by long production cycles, the large amounts of investment capital needed to redesign production lines, and the lack of cyber-security resilience. The WEF provided an example of a hacker attacking a German battery company’s IT system in February 2024, which caused production to stop at five plants for more than two weeks.
Last year, manufacturing giant Clorox experienced a cyber-attack that ended up costing the company $356 million, in addition to a big drop in their stock price. Also last year, the manufacturing company Brunswick Corporation suffered a cyber-attack that disrupted operations for 9 days and cost the organization around $85 million. While Clorox and Brunswick are large companies, many smaller and medium-sized manufacturers experienced similar fates.
The rise in breaches is not surprising, given the pace of industrial digitization. Already, most physical security systems are linked to IT networks and changing cloud infrastructure. As industrial hardware and software become more integrated and more IT sensors are connected to the internet, hackers are finding new ways to get into all kinds of digital systems.
A Manufacturing Cybersecurity Checklist
To protect themselves from this ever-expanding field of threats, manufacturers must adopt a robust cybersecurity plan that fits within their production and security environments. There are many approaches to a risk management framework and no one-size-fits-all solution, so developing this plan takes some work.
To help you on your way, I have composed a checklist of major concerns and considerations:
- Identify, define, and monitor the company’s threat environment. Use an established manufacturing cybersecurity risk management framework that draws on industry experience and best practices, such as those provided by NIST
- Conduct a comprehensive Zero Trust vulnerability assessment of all devices (and people) connected to the network
- Evaluate and set policies with all parties connected to manufacturing supply chains
- Make sure security architectures (cloud, hybrid cloud) are fully updated and monitored
- Update and patch vulnerabilities to both networks and devices
- Control and manage access and identity, including biometrics (Zero Trust goals). Use strong authentication and perhaps biometrics for access control and establish privileged access for device controls and applications
- Secure all framework layers (payload, network, and any endpoints) with firewalls and antivirus software
- Compartmentalize any connected IoT devices and stored data on the network to minimize attack surfaces. Add security software, containers, and devices to “digitally fence” networks and devices. Consider network isolation to guard against insider threats, botnets, and malware
- Use the latest real-time horizon and threat scanning data or shared intelligence
- Use encryption (should be quantum resistant, or if possible, quantum-proof)
- Continually audit and use real-time analytics (including predictive analytics). Consider using AI/ML-enabled forensics (network traffic analysis, payload analysis, and endpoint behavior analysis), data analytics, and diagnostics
- Back up all sensitive data to protect it against potential breaches or ransomware attacks
- Develop an incident response and resilience plan that can be practiced and instituted
- Implement security awareness training for all employees
Note: NIST has more detailed technical frameworks available for companies in the sector to use, especially for supply chain security.
Zero Trust and Security By Design
The risk management checklist can operate under the security framework themes of both Zero Trust and Security by Design.
Zero Trust frameworks and designs should be used by manufacturing companies to better cover their security gaps. In a Zero Trust architecture, everything in the network is seen as potentially hostile, so trust is not based on where the network is located, and devices, users, and apps trying to get into the network must be authenticated and given permission.
A Zero Trust model is based on achieving and maintaining the highest level of segmentation and fortification possible. This way, the chances of a breach happening are kept to a minimum, and the damage from a breach is kept to a minimum by stopping lateral movement and escalation.
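The access decision described above can be sketched as a deny-by-default check. This is an added example, not part of the original article; the zone names, roles, and allowlist are constructed assumptions. Note that the source zone can only restrict a request, never grant it, so being "inside" the plant network earns nothing on its own.

```python
from dataclasses import dataclass

# Constructed segment allowlist: (source zone, target zone, action).
# Any flow not listed is denied, which is what limits lateral movement.
ALLOWED_FLOWS = {
    ("engineering", "plc-line-1", "program"),
    ("historian", "plc-line-1", "read"),
    ("it-office", "historian", "read"),
}
# Constructed mapping of action to the role that must be held.
REQUIRED_ROLE = {"read": "operator", "program": "controls-engineer"}

@dataclass(frozen=True)
class Request:
    user: str
    authenticated: bool     # strong authentication succeeded
    device_compliant: bool  # device passed its patch/posture check
    roles: frozenset
    source_zone: str        # can only restrict a request, never grant it
    target_zone: str
    action: str

def decide(req):
    """Return (allowed, reason); every check must pass, default is deny."""
    if not req.authenticated:
        return False, "user not authenticated"
    if not req.device_compliant:
        return False, "device not compliant"
    if REQUIRED_ROLE.get(req.action) not in req.roles:
        return False, "role not permitted for action"
    if (req.source_zone, req.target_zone, req.action) not in ALLOWED_FLOWS:
        return False, "flow not in segment allowlist"
    return True, "allowed"

if __name__ == "__main__":
    eng = frozenset({"controls-engineer"})
    samples = [  # constructed requests
        Request("alice", True, True, eng, "engineering", "plc-line-1", "program"),
        Request("alice", True, True, eng, "it-office", "plc-line-1", "program"),
        Request("bob", False, True, eng, "engineering", "plc-line-1", "program"),
    ]
    for r in samples:
        print(r.user, r.source_zone, "->", r.target_zone, decide(r))
```

The second sample is the lateral-movement case: a valid engineer on a compliant device is still refused because the office segment has no allowed path to the PLC segment.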
To keep up with emerging cyber risks, OT and IT networks need to be planned, updated, and made stronger. “Security By Design” is a strategy that builds security in up front, during planning. This approach for manufacturing can help create flexible systems with practical cyber-fusion to adapt to new threats. Security By Design can also find organizational and system dependencies early in the process to eliminate known risks. As manufacturing plants expand or new ones are created, it makes sense to replace legacy systems with new fortified Security By Design architectures.