Insights: Article

Why Cybersecurity Isn’t Just an IT Issue for Manufacturers

September 06, 2018

It makes sense, right? Cybersecurity involves computers and networks, so it’s a job for your IT department to figure out. That’s what you pay them for, right?

Well, yes and no. While it’s certainly true your IT team is on the frontlines of the safety of your systems, cybersecurity demands a risk-based approach that identifies many ways a breach could impact your organization. Here are just a few circumstances cybersecurity can affect different aspects of your business.

Unplanned Downtime
Many manufacturers are utilizing old technology to run their floor that is no longer being supported with security updates. In turn, these networks are an easy target for hackers who already know their vulnerabilities. An attack could lead to a halt in operations that costs you both time and money.

In addition, it’s important you engage and empower your Information Technology, IT, and Operational Technology, OT, teams to work together as you update technology. Traditionally, the involvement of IT ended at the factory floor edge, where OT would take over, leading to conflicts. For example, IT’s patching processes might inadvertently shut down equipment running on older, proprietary networks, causing downtime and headaches for OT staff. Forward-looking manufacturers are working harder to combine IT and OT teams to foster a greater understanding of security threats, as well as best practices for managing newer technologies such as Internet of Things (IoT) and connected devices.

Loss of Intellectual Property
Many of the cybersecurity breaches we hear about in the news seem to fit a typical pattern: hackers break in to networks intending to steal credit cards or sensitive personal data such as Social Security numbers. Manufacturers may think they are less of a target because they don’t have high volumes of this type of data. But they often forget they have something else of value—intellectual property.

“The trade secrets, their recipes and build lists, are key items at risk for manufacturers when it comes to cybersecurity,” said Dave Glennon, director of manufacturing and distribution for Eide Bailly. “That’s incredible sensitive information.”

Breaches often go undetected, and hackers can be patient when it comes to finding access to your IP, said Todd Neilson, chief technology officer for cybersecurity firm Secuvant. Hackers spend an average of 200 days in a system before they are detected.

“I can’t tell you how many times manufacturers find their plans for sale on a foreign black market, and often there’s nothing they can do about it,” said Neilson.

Damaged Reputation and Trust
Knowing what to do when you have a breach is vital, but just as important is having a plan to deal with disaster recovery and business continuity. How would your customers react to the news if you had a breach? How do you keep your business from completely stalling? A comprehensive cybersecurity plan can help you address these areas.

The increase in breaches has also prompted many companies to be proactive in addressing this in their supply chain.

“Many manufacturing clients are not just asking for you be secure, they are also asking you to prove it,” Neilson said.

Cyber Risk Is Business Risk
Cybersecurity is more than just what tools your IT department is using, it’s an organizational-wide initiative that needs buy-in from all levels, from C-Suite down to the shop floor. The key to this culture change is understanding cyber risk is business risk. Developing a risk-based approach identifying the areas of most concern for your business will help your team understand that cybersecurity isn’t just an IT problem, it’s everyone’s concern.

Latest Insights

November 21, 2018
Article
Each month, we strive to bring you the hacks, vulnerabilities and challenges of securing your daily habits and work environment. This brief is intended to help you make sense of the ever-changing world of cybersecurity so you can avoid similar…
September 24, 2018
Article
In auto dealerships, showrooms, car lots and implement dealerships, there is a constant flurry of activity. One area that can easily get overlooked is cybersecurity.
September 12, 2018
Article
Applications have made a huge impact on our lives, allowing us to keep track of the complexities of our day-to-day and save for our futures. But it’s important to understand where we are laying our trust.
September 10, 2018
Infographic
Did you know a recent study found nearly 40 percent of manufacturers and distributors don’t have a cybersecurity plan? This is alarming for several reasons, and we’ve created this infographic to help show you just how critical a strong cybersecurity…
September 6, 2018
Article
Manufacturing and distribution is an industry built on momentum, but what happens when maintaining the necessary speed puts you at risk of grinding to a halt completely?
September 6, 2018
Article
While cybersecurity should be top of mind for virtually any business today, many manufacturers don’t seem to take the threat seriously.
August 14, 2018
Recorded Webinar
Service firms that handle client information have particular responsibilities to protect that information—protection that can be strengthened if the firm’s clients are protected as well. We’ll discuss particular protections required for different…
June 14, 2018
Article
It is not to say that well run companies do not get breached, but all indicators lead to the conclusion that if certain things are done from the top down, the effects and cost of defending your company against data breaches, and recovering from a…
June 12, 2018
Recorded Webinar
While your company may be secure, can you say the same about your vendors? In this session we’ll discuss different techniques for performing appropriate due diligence, negotiating the right terms in your vendor agreements, and monitoring vendors for…
Find A Location