5 Steps Manufacturers Can Take to Combat Cyber Attacks

It’s not far-fetched to claim that the current cybersecurity landscape is rather tumultuous, and that’s true in every industry from retail to finance. Cyber attacks are on the rise, especially in the manufacturing sector.

One of the major reasons why manufacturing has come under fire is because cyber threats have grown much more sophisticated in recent years. Things have progressed beyond just a software standpoint to hardware — processor vulnerabilities being a prime example.

In fact, a recent security report from SonicWall Capture Labs revealed there were over 74,000 “never-before-seen” complex attacks in 2019. They were so fresh that many were without even a signature at the time of discovery.

This alarming information indicates that cyberattacks on manufacturers are going to grow more frequent, more advanced and more successful. There’s a clear need to protect not just conventional manufacturing operations, but also all networks, systems and resulting data — especially as the manufacturing industry evolves into a more digital-centric ecosystem.

Fortunately, there are cybersecurity solutions available to help manufacturers of all sizes protect themselves from cyber threats and prepare themselves for the brave new world of Industry 4.0.

Introducing the NIST Cybersecurity Framework

The National Institute of Standards and Technology (NIST) has developed a cybersecurity framework that includes a series of guidelines and best practices for dealing with potential cybersecurity threats. More importantly, it is accessible to all organizations, including small to medium-sized manufacturers.

Representatives of the MEP National Network^TM, such as the Michigan Manufacturing Technology Center, offer flexible, cost-effective approaches to implementing cybersecurity programs that align with the NIST framework, making these protections accessible to even a cost-prohibited company.

The framework lays out five basic activities, or functions, that can be used to achieve a more secure operation. They include:

1. Identify

This first function expressly deals with understanding potential cybersecurity risks to an organization, including its systems, people, assets, data, capabilities and networks. The primary question is: What must be done to manage existing risks and mitigate the potential for damage?

Actions the framework recommends in this category include:

• Controlling who has access to your information
• Conducting background and security checks for all employees
• Requiring individual user accounts for each employee
• Creating cybersecurity policies and procedures

For a more in-depth look at this important first step in the framework, as well as practical tips on how to tackle it, see the MEP National Network article, “How to Identify Your Company’s Cybersecurity Risks.”

2. Protect

Naturally, understanding leads to taking action — which is the protection aspect of the framework. This is where a manufacturer must develop and implement safeguards for its operations or services. Actions you can take include to protect your operation include:

• Limiting access to your user data and information
• Installing surge protector and uninterruptible power supplies
• Patching your operating systems and software regularly
• Installing and activating software and hardware firewalls
• Securing all wireless access points and network
• Setting up web and email filters
• Using encryption for sensitive business information
• Disposing of old computers and media safely
• Training your employees

To get started on protecting your business from cyberattack using the NIST Cybersecurity Framework, take a look at this MEP National Network article specifically focused on the protection step, “How to Protect Your Business from Cyber Attack.”

3. Detect

A proper monitoring system must be put in place to identify either a recent cybersecurity event or one that’s ongoing. The timely discovery of these attacks is crucial to a successful security strategy. Activities for detecting cyber attacks include:

• Installing and updating anti-virus and other cybersecurity programs
• Running anti-virus and anti-spyware programs daily
• Conducting full system scans daily
• Maintaining and monitoring detection logs

The MEP National Network article “How to Detect a Cyber Attack Against Your Company” takes a deeper dive into this important aspect of the NIST Cybersecurity Framework and offers concrete suggestions for how to make your company aware of any active threats.

4. Respond

Upon discovery, every manufacturer must have controls available to respond accordingly to an attack. These include functionality to block them, as well as to regain access to a system.

This functionality is a bit different for manufacturers as most providers use only limited networks or wireless connectivity. Industrial-quality access controls are necessary to monitor not just internal processes and systems, but also that of vendors and involved partners. Dynamic, real-time policy enforcement is essential across the entire network, and not just for local operations.

A response program should include:

• Developing a plan for information security incidents by determining:
  • Who to call in case of an incident
  • What to do with your data in case of an incident
  • When to alert senior management, emergency personnel, and others
  • The types of activities that constitute an information security incident
• Know your notification obligations

The MEP National Network article “How to Respond to a Cyber Attack” walks you through what to do in the event that your company is compromised.

5. Recover

Essentially the same as data or systems recovery, this function deals with the restoration of impaired or damaged services and content. It should include:

• Making full backups of essential business data
• Incremental backups of important business information
• Assessing and improving your procedures and technologies

Another aspect of this is opening up communications with clients or customers to reveal the impact of an event. Ideally, it would also include follow-up measures to prevent future attacks.

“How to Recover from a Cyber Attack,” another article from the MEP National Network, outlines the steps the NIST Cybersecurity Framework recommends you take to get your systems back online in the wake of a cyber attack.

How to Secure Your Company

Ultimately, companies should focus on adhering to NIST’s volunteer framework not just to prevent severe threats, but also to understand how they and their team can better deal with them. For many organizations — big and small — it’s not a question of whether or not they will experience a cyberattack but when. Being prepared for when that happens is the best way to mitigate potential damage and any operational impact.

Of course, the NIST Cybersecurity Framework is nuanced and will have to be adapted to your company. There are also several implementation tiers, starting with partial at the lowest and ending with adaptive at the highest, that signal the preparedness of a manufacturer or organization when it comes to cybersecurity.

The best course of action to secure your company — or to find out just how vulnerable it is — is to work with experts in manufacturing cybersecurity and the NIST Cybersecurity Framework. Manufacturers ready to take this important step in their digital evolution should contact their local Manufacturing Extension Partnership Program (MEP) Center. They’re part of the MEP National Network, which includes hundreds of specialists who know how to address the cybersecurity concerns of small and medium-sized manufacturers, and who are well-versed in the NIST Cybersecurity Framework.

To connect with your local MEP Center, visit this resource page on the NIST website.

Elliot Forsyth