Critical Manufacturing Must Re-Adjust Cyber Approach - Industry Today - Leader in Manufacturing & Industry News


 

September 18, 2023

Critical Manufacturing Must Re-Adjust Cyber Approach

Manufacturers need modern solutions to quantify the effectiveness of their security programs.

By Matthew McKenna, SecurityScorecard

Reshoring has brought several positive outcomes for manufacturers, including reduced lead times. But no matter where manufacturers do business, they are a major target of malicious threat actors, from cyber criminals and hacktivists to malevolent nation-states. Threat actors see manufacturing as the perfect target – a financially stable industry highly dependent on technology, with money and sensitive data ripe for the picking.

Today’s threat landscape has made it crucial for manufacturers to identify cyber risk across their entire business ecosystem.

Despite that, based on SecurityScorecard research, nearly half of manufacturing organizations have a SecurityScorecard rating of F, D, or C. For context, organizations with an A security rating are 7.7 times less likely to experience a data breach than organizations with an F rating.

Furthermore, defending against cyber threats is an increasingly challenging task. Organizations are more connected than ever, which expands the attack surface. To become more resilient to threats, manufacturers must look beyond their own security posture and identify cyber risk across their entire business ecosystem, including partners, contractors, third- and fourth-party vendors, and supply chains.

So, what are the two main factors contributing to increased cyber risk in the manufacturing sector?

Increased targeting from cyber threat actors. In 2022, 37% of critical manufacturers experienced a malware infection, according to research from SecurityScorecard’s Intelligence Team. Ransomware gangs are particularly active in attacks against manufacturers. In the last five years, two of the largest electronics manufacturers – Delta Electronics and TSMC – suffered devastating ransomware attacks that halted operations, impacting the supply of goods for organizations worldwide.

Slow application of security updates. Patching Cadence is one of ten risk factors SecurityScorecard considers when analyzing an organization’s security rating. Patching Cadence saw a significant drop among manufacturers from 2021 to 2022. This factor analyzes the number of outdated assets an organization has and the rate at which organizations apply patches compared to peers. Timely application of security updates is a cybersecurity best practice and significantly contributes to cyber resilience.

Today’s adversaries are very agile and use sophisticated tactics for both attack execution and payment extraction. Manufacturers must take things into their own hands by working to understand their unique security weaknesses and close security gaps quickly. This includes working closely with vendors to minimize risk across the supply chain.

There has never been a time when it was more important to implement security measures that extend beyond adhering to compliance regulations and meeting minimum-security requirements.

But improving and maintaining a strong cybersecurity posture is a full-time job. Here are my top four recommendations for manufacturers to include in their cybersecurity strategy:

1. A robust Vendor Risk Management program

One of the first things manufacturers need to look at is their Vendor Risk Management (VRM) program. Between September 2021 and September 2022, 54% of confirmed breaches were the result of a third party’s cybersecurity gaps. Manufacturers need to invest in cybersecurity tools that give them a complete view of their vendor ecosystem. This will help them pinpoint specific vulnerabilities with each vendor and drive discussion for effective risk mitigation. Manufacturers must ensure their vendors’ security profiles align with their own security posture.

2. Continuous monitoring of cyber risks

Due to the threat landscape’s highly dynamic nature, organizations’ attack surfaces constantly evolve and expand. Thus, manufacturers should look to implement continuous monitoring as part of their security program. Continuous monitoring platforms allow organizations to quickly identify, assess, and mitigate risks in the supply chain through business process automation, the application of machine learning, and real-time cybersecurity threat intelligence before these risks exacerbate systemic issues.

3. An incident response retainer

To prevent prolonged operational disruptions, manufacturers also need an incident response plan. Incident response capabilities allow organizations to take immediate action toward remediating incidents and mitigating risk. Swift and coordinated action against threats can help stop additional data loss and fix vulnerabilities to prevent further attacks. With worrying ransomware activity in the sector, manufacturers need the necessary tools and resources to respond appropriately to a cyber incident.

4. Risk quantification

Lastly, manufacturers need modern solutions to quantify the effectiveness of their security programs. Security budgets are elevated to the board room, and risk must be articulated in financial terms to ensure security investments are allocated efficiently and effectively. Holistic conversations about the financial impact of cyber risk are needed to ensure the sustainability of the business, and cyber risk quantification will help drive risk management strategies that make sense.

In conclusion, the decline in Patching Cadence in the manufacturing sector and the increased targeting from dangerous cyber groups are good indicators that manufacturers must re-adjust their approach to protect their critical assets in an environment of rapidly increasing threats.

Continuous monitoring of emerging cyber threats and risks is necessary, along with vendor risk management and incident response capabilities. Quantifying risk in financial terms will also help by driving smart and effective cybersecurity investments.

Matthew McKenna

Matthew McKenna, Chief Sales Officer at SecurityScorecard, has over 15 years of experience commercializing emerging technologies in the supply chain management and cybersecurity space. Prior to SecurityScorecard, Matthew served as the Chief Operating Officer of SSH Communications Security, where he led large-scale Fintech deployments in the areas of access control and cryptographic services. Matthew holds a BA in German Language and Literature and an MBA from the Helsinki School of Economics.

 
