Industry’s Media Platform of Choice
Champion Your Brand in Front of Decision Makers and Extend Your Reach Get Featured in the SPOTLIGHT
Industry’s Media Platform of Choice
Champion Your Brand in Front of Decision Makers and Extend Your Reach Get Featured in the SPOTLIGHT
How manufacturers can modernize cybersecurity postures with AI automation to defend today’s rapidly expanding attack surface.
By Camellia Chan, CEO and Co-Founder of Flexxon
Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest contract chipmaker has been center stage of the East-West tug-of-war for the supply chain of microchip production and distribution. Ironically, a systems integrator within the company’s own supply chain was responsible for a recent ransomware exposure. The average total cost of a data breach in 2022-23 was $4.45 million and is expected to net out as a $30 billion business for cybercriminals this year. TSMC is currently in a stand-off with criminals over the $70 million ransom demand, one of the highest ever.
CISOs and other security leaders are deploying cutting edge cybersecurity software stacks, rigorous cyber hygiene policies, and zero-trust procedures in a perpetual arms race against cybercriminals. But they should guard against sole reliance on reactive, software-based defenses, which have thus far allowed hackers to continue their activities largely unchecked. New technologies including cloud, AI, connected devices including robotics, and blockchain have jettisoned the complexity of defending against cyberattacks into the stratosphere. Manufacturing should spare no expense to secure their systems, implementing a comprehensive multi-layer approach, a holistic posture that leverages AI and hardware level protections.
Criminals have increasingly targeted managed service providers, the software supply chain, and the cloud. The manufacturing industry loves cloud computing for fulfilling their smart factory aspirations, many employing 20, 50, or 100 cloud solutions. But cloud’s virtual machines and various storage containers means a much wider attack surface to defend, numerous identity and admin privileges to manage, and greater potential for misconfigurations and unpatched 3rd party servers. When data is being transmitted from a client to the cloud or between cloud services, it travels over networks, including the internet. Data is most at risk when in transit, so hackers often attempt to intercept data in motion by eavesdropping, packet sniffing, or man-in-the-middle attacks. CISOs should execute regular penetration-testing of applications, use secure coding practices, and use static and dynamic application security testing solutions. Companies should also build their defenses on diversified and multi-layered cybersecurity software stacks that secure each layer of OSI 7-layer model.
Once cybercriminals breach a manufacturing or industrial company’s systems, the resulting stoppage in business, loss of revenue, regulatory penalties, reputation damage, and even physical injury can be catastrophic. Once cybercriminals have gained access to organizations’ systems or their valuable data, it is too late to remedy the situation. While protecting the application layer down through the network layers is essential to protect data, leaving a gap in the hardware layer renders those efforts deficient. The seventh layer of the OSI model, the hardware, is often referred to as the bottom layer – but that should not imply that this is an unimportant level. Modern cyber threats often are designed to jump from the cloud directly to the machine’s OS, endpoint devices, and the SSD firmware.
CISA noted in a whitepaper that “while nothing can eliminate all cybersecurity risk, the addition of hardware security technology can turn previously vulnerable spots into the strongest points in a network and dramatically reduce an organization’s attack surface.” If we integrate our best defenses by also including the physical computing layer, we can prevent the loss of millions of dollars should encryption protocols fail.
Cybercriminals are using AI/ML tools to automate the complex processes required to carry out cyber-attacks, enabling them to do their work more efficiently. Unfortunately, generative AI tools like ChatGPT lower the bar for lower echelon cybercriminals who may not be savvy coders, while also multiplying the productivity of skilled attackers. Generative AI tools give bad actors the capacity to generate human-like responses using generated images, voice recordings, and videos, which can make phishing attacks look more credible, duping people into exposing security vulnerabilities. Forward-thinking CISOs have already moved their organizations towards solutions that remove the human element from the equation, with models like zero trust architecture and deployment of AI-powered cybersecurity tools, and this trend must continue to grow. IBM’s 2021 report indicated, “Organizations with fully deployed security AI and automation experienced breach costs of $2.90 million, compared to $6.71 million at organizations without security AI and automation.”
Low-level AI-embedded solutions ensure that hackers will be thwarted upon trying to access the data storage, even if other layers are breached. This enables security leaders to scale down the perimeter where cybercriminals can attack, forcing them to play on their turf in a standoff for the data – no matter from where the attack comes. Low-level AI creates conditions wherein attacks reach a threshold that strips down their “disguise”, revealing their malicious intent. Regardless of the hackers’ layered programming or disguises, when they arrive at the hardware layer, they will be deflected.
With so much on the line and the proliferation of smart manufacturing systems, it’s no surprise that the majority of manufacturers (58%) say they have now elevated the responsibility for cybersecurity leadership to the board level. If they implement more holistic cybersecurity defenses that incorporate hardware and embedded AI solutions into the overall infrastructure, they can stop hackers in their tracks, cornering them in a small, sealed, and fully engineered environment.
Camellia Chan is the CEO and co-founder of Flexxon, a next generation hardware-based cybersecurity solutions provider. Since its inception in 2007, Camellia has grown Flexxon into an international business with a presence in over 50 cities. With Camellia’s passion for innovation and tech for good, Flexxon continues to expand its essential suite of cybersecurity services through its flagship X-PHY brand.
Made To Stay: Attracting Gen Z Into Manufacturing
A childhood in Kansas, college in California where she met her early mentor, Leigh Lytle spent 15 years in the Federal Reserve Banking System and is now the 1st woman President & CEO of the Equipment Leasing & Finance Association. Join us to hear about her ambition to be a great leader.
Get In Touch
Google news and SEO compliant, Industry Today’s state-of-the-art digital media platform offers bespoke media campaigns that target key decision makers and buyers to achieve your marketing and promotional goals.
Contribute
Showcase your brand and promote your business to our highly targeted audience. We offer detailed Google Analytics with measurable ROI to assure success. Submit your content for review by our Editorial team who will contact you to discuss the project further.
About Us
Reach Your Targeted Audience and Grow Your Business. Learn more About Industry Today.
Contact Us
© 2024 Industry today. All Rights reserved.
