Insights: Article

Why Cybersecurity Isn’t Just an IT Issue for Manufacturers

September 06, 2018

It makes sense, right? Cybersecurity involves computers and networks, so it’s a job for your IT department to figure out. That’s what you pay them for, right?

Well, yes and no. While it’s certainly true your IT team is on the frontlines of the safety of your systems, cybersecurity demands a risk-based approach that identifies many ways a breach could impact your organization. Here are just a few circumstances cybersecurity can affect different aspects of your business.

Unplanned Downtime
Many manufacturers are utilizing old technology to run their floor that is no longer being supported with security updates. In turn, these networks are an easy target for hackers who already know their vulnerabilities. An attack could lead to a halt in operations that costs you both time and money.

In addition, it’s important you engage and empower your Information Technology, IT, and Operational Technology, OT, teams to work together as you update technology. Traditionally, the involvement of IT ended at the factory floor edge, where OT would take over, leading to conflicts. For example, IT’s patching processes might inadvertently shut down equipment running on older, proprietary networks, causing downtime and headaches for OT staff. Forward-looking manufacturers are working harder to combine IT and OT teams to foster a greater understanding of security threats, as well as best practices for managing newer technologies such as Internet of Things (IoT) and connected devices.

Loss of Intellectual Property
Many of the cybersecurity breaches we hear about in the news seem to fit a typical pattern: hackers break in to networks intending to steal credit cards or sensitive personal data such as Social Security numbers. Manufacturers may think they are less of a target because they don’t have high volumes of this type of data. But they often forget they have something else of value—intellectual property.

“The trade secrets, their recipes and build lists, are key items at risk for manufacturers when it comes to cybersecurity,” said Dave Glennon, director of manufacturing and distribution for Eide Bailly. “That’s incredible sensitive information.”

Breaches often go undetected, and hackers can be patient when it comes to finding access to your IP, said Todd Neilson, chief technology officer for cybersecurity firm Secuvant. Hackers spend an average of 200 days in a system before they are detected.

“I can’t tell you how many times manufacturers find their plans for sale on a foreign black market, and often there’s nothing they can do about it,” said Neilson.

Damaged Reputation and Trust
Knowing what to do when you have a breach is vital, but just as important is having a plan to deal with disaster recovery and business continuity. How would your customers react to the news if you had a breach? How do you keep your business from completely stalling? A comprehensive cybersecurity plan can help you address these areas.

The increase in breaches has also prompted many companies to be proactive in addressing this in their supply chain.

“Many manufacturing clients are not just asking for you be secure, they are also asking you to prove it,” Neilson said.

Cyber Risk Is Business Risk
Cybersecurity is more than just what tools your IT department is using, it’s an organizational-wide initiative that needs buy-in from all levels, from C-Suite down to the shop floor. The key to this culture change is understanding cyber risk is business risk. Developing a risk-based approach identifying the areas of most concern for your business will help your team understand that cybersecurity isn’t just an IT problem, it’s everyone’s concern.

Latest Insights

March 28, 2019
Outsourcing IT needs is becoming a common business tactic, but how do you choose which vendor to use? We explain the four factors that are critical to success when choosing an IT vendor.
March 26, 2019
Each month, we strive to bring you the hacks, vulnerabilities and challenges of securing your daily habits and work environment. This brief is intended to help you make sense of the ever-changing world of cybersecurity so you can avoid similar…
March 25, 2019
Nonprofits are often a target for duplicated websites. Make sure your donors are giving to you and not an imposter.
March 20, 2019
Cyberthreats are a clear and present danger, and hackers can target manufacturing and industrial companies for trade secrets, business plans and more. Are you protected?
March 13, 2019
Think you know the difference between an email from a friend and an email from a hacker? You may be surprised to find out the answer.
March 6, 2019
Did you know a recent study found nearly 40 percent of manufacturers and distributors don’t have a cybersecurity plan? This is alarming for several reasons, and we’ve created this infographic to help show you just how critical a strong cybersecurity…
Find A Location