Shore Up Your Cybersecurity

The best place to start any manufacturing cybersecurity effort is to do an asset inventory to determine which are most critical and/or vulnerable.

These answers to five cybersecurity questions can help you better protect your operation.

By Kirstin Simonson, Travelers

Maintaining a high level of cybersecurity is a never-ending effort for businesses at all levels. In recent years, manufacturing has become a primary target for cyber criminals, prompting those responsible to significantly shore up their defenses. Many, however, don’t see themselves as targets or are confident their systems are strong enough to withstand an attack. To help all involved in protecting manufacturing operations, here are answers to five primary cybersecurity questions. Comparing the answers to your cybersecurity program should help you gain a better understanding of your operation’s security.

How are cyber threats evolving?

Cybercriminals continue to evolve, adopting new and different tactics and technologies faster to get what they want. Ransomware continues to be a threat, but cyber extortion, absent the insertion of system encryption, is becoming more common. Social-engineering tactics, which manipulate individuals into providing information that can be used to compromise the victims, is becoming more sophisticated and targeted. In addition, new techniques, such as artificial intelligence (AI), make it even more challenging to identify and stop bad actors. The time between awareness of a vulnerability in software and exploitation of that software is shrinking, making it challenging for firms to install patches quickly enough. Also, the rise of malware that specifically targets the operational technology (OT) is increasing.  

How likely are manufacturers to be victims of cyberattacks?

Any business that connects to the internet, regardless of industry or size, is at risk for a cyberattack. While some may think that it won’t happen to them, the reality is that cybercriminals are always looking for the next target. They will attack known vulnerabilities and look for areas they can compromise.

Manufacturers have seen their fair share of cyberattacks. Considering that they have a very low tolerance for downtime, may have large global networks, and may have a significant amount of information that can be of financial value to others, it isn’t a stretch to understand why manufacturers might be targets. Published reports on cyberattack trends continue to name manufacturing as a top targeted industry. In 2023, we saw many large manufacturers face breaches, costing them millions of dollars to recover.

Small manufacturers may assume that cybercriminals only target big firms because there is more to gain, but the reality is that many cybercriminals see significant opportunity in small businesses because they may not have the resources to fully assess their cyber risk or have the proper coverage in place to protect against threats. A manufacturer that hasn’t taken care of basic housekeeping when it comes to cyber risks is low-hanging fruit for the bad guys.

An annual survey of risk viewpoints from more than 1,200 business decision makers across the country, found that cyber threats were not a top five concern for manufacturers, with broad economic uncertainty and supply chain risks taking the top two spots. Yet 25% of manufacturing companies admit to having been the victim of a data breach or cyber event.

Keep in mind that cybercriminals only need to be right once to get around your defenses and harm your organization. Just because a cyberattack hasn’t happened yet doesn’t mean it never will.

In what ways does plant equipment open up manufacturers to cyber risks?

Any asset that’s connected to the internet is a potential access point for cybercriminals and increases the overall exposure of a company’s network to cyber risk. As the technology tools available to manufacturers become more complex and interconnected, manufacturers will need to ensure safeguards are in place to mitigate risk at every point where data is gathered, stored, and shared.

But it’s not just those advanced technologies. Manufacturers risk exposure if they have smartphones, laptops, desktops, or similar devices; one lost smartphone can lead to compromised company or client data.

What are some steps that manufacturers can take to mitigate the risks associated with cyber threats?

A great place to start is to understand all possible points of network intrusion in your organization. Once you’ve created this asset inventory, evaluate the risk associated with each one and identify those that are most critical to your organization’s operations, including those that store, process, or transmit business-critical or sensitive data.

It is crucial to understand what is potentially vulnerable before taking any additional steps. Once that inventory is in place, you can begin to deploy strategies to manage the risk.

Some areas of focus include:

• Software updates: Have a process in place for updating all software, especially that software with known vulnerabilities, as quickly as the updates and patches are available. This includes removing software that has reached end-of-life status and is no longer supported.

• Systems access: Manage access to the systems, preferably with a zero-trust framework, which means that you never trust and always verify.  

• Multifactor authentication: Deploy multifactor authentication across the entire organization, especially for accounts with elevated privileges and for remote access by anyone. 

Another critical step is to develop an incident response plan that documents who does what, how it is done and when it is done after a cyberattack. Then test the plan, so that you can identify any areas that are missing or need to be updated.

Adopt and establish a framework that will lead to good cyber hygiene. This includes best practices such as backing up your data daily, regularly changing passwords, and monitoring network vulnerability 24/7 with an endpoint detection-and-response solution.

It’s equally important to train employees on the cyber threats that they face, the different ways that they can be targeted, and best practices to follow.

Where do employees fit into this business threat and how can manufacturers build cyber-training programs?

The success of any business’s cybersecurity program often relies on employee interactions with technology. It’s important that workers understand what they need to know about cybersecurity. Training from day one to make employees aware of the threats and different ways they can be targeted, and then following up with ongoing programs and communications, can help keep good habits in practice and prevent poor habits from taking root. It’s also important for organizations to assume that insider threats exist, whether intentional or not.

At Travelers, we work diligently to provide our customers—in manufacturing and in every other industry segment we insure—with the information and education they need through our internal Cyber Risk Control team, the Travelers Cyber Academy cybersecurity education courses and videos, the Travelers Institute, and relationships we have outside our organization.

Kirstin Simonson is Cyber Lead, Technology & Life Sciences, at Travelers Insurance, St. Paul, MN, travelers.com.