After the public and finance sectors, the manufacturing industry is the third most targeted by cyber-attacks, as the threat from malicious hackers, cybercriminals and corporate espionage escalate.
The fact that industrial processes are increasingly connected – via the Internet of Things (IoT) – makes their software and advanced automation vulnerable to a security breach. This can result in a loss of sensitive corporate and intellectual information, which could compromise your profitability or damage your brand.
This is why you have to actively manage the security risks by:
The first step is the most obvious: Change default passwords. The number of production manufacturing and process control systems that still use the factory-assigned passwords is staggering. These passwords tend to be readily available via a Google search, so continuing to use them is the electronic equivalent of leaving the key in the lock of your front door.
Step two is similar: Change the default names of devices and networks. This is another very, very basic step, but one that far too many manufacturers fail to take when deploying control systems.
Ring-Fencing Your Networks
Treat your core network like you treat your business network – and keep the two separate. Each of these is important, but many manufacturers treat one as more important than the other. In actuality, the two are related in what they do for the business and why they can be critical for safe manufacturing.
Treating the core network like the business network means ring-fencing your manufacturing network, in the same way you would secure the financial and IP portions of your business. Separating the process and business networks is important because it is too easy for a vulnerability in one of the networks to introduce malware for the other.
Business-side users, for example, are more likely to use USB thumb drives that could carry malware targeting industrial controllers. And a poorly-defended manufacturing line might provide an easy attack vector for malware that could move into critical databases.
Taking a Layered-Approach to Security
Taking a layered approach to security is the most secure option for any operation, no matter the scale or size. Here you need to employ a wide range of tools and techniques from firewalls and intrusion detection systems, to anti-virus systems and 24/7 network monitoring tools. Firewall and IPS (Intrusion Prevention System) or a UTM (Unified Threat Management) control traffic in and out of your network, and will pick up unusual traffic and ensure any intrusion is detected.
It is up to manufacturers to ensure that have systems and procedures in place to protect sensitive data, and mitigate against any active threats to their networks and IT infrastructure. Fail to do this and they risk their brand reputation and profitability – something no operation can afford in this digital era.