Mike Manzi of Feyen Zylstra lets us in on 5 must-know steps for protecting a company against threats in cyberspace.
A rapidly changing world
The world is changing fast, especially on the plant floor. Connected devices, cloud collection, and IoT all open your systems up to the world, and in doing so, also open up the world to your systems. In our increasingly connected world, it is near impossible to remain unconnected and maintain a competitive advantage. With connection comes risk, especially during the pandemic. Since COVID-19 started, the FBI has reported a 300% increase in cybercrimes (IMC Grupo). Now more than ever, it's important to understand and prepare for potential risks.
While we've all heard the horror stories of cyber and ransomware attacks on Fortune 100 companies and city municipalities, the reality is that 50% of manufacturers have experienced data breaches within the last three years (Sikich). Recently, a Charlotte-based manufacturer with multiple plants in the region was faced with a cybersecurity threat that compromised the company’s IT systems and production. The ransomware virus demanded over $25,000 for the return of their files and posed a threat of affecting the manufacturer's production capabilities.
Luckily, the company engaged our team to identify and eradicate the virus before production and secure data were compromised. We identified that the virus had entered the network because of a lack of internal protective measures and no domain control for the sites on their enterprise. By splitting the manufacturer's IT and OT network and placing hardware between the two, we were able to isolate the virus. This allowed our team to track, remediate, and eradicate the virus without causing downtime or affecting production.
So, what do you do?
Well, the easy choice is to refrain from connecting your systems to the world and from modernizing. This “air gap” method keeps your threat of a cybersecurity breach low. But it also means that you lose out on technological advances that would increase your quality, performance, safety, uptime, and ability to use data to make informed decisions. Your competitors will gain an advantage and your bottom line will suffer.
The sustainable choice is to figure out how to connect to the outside world in a way that is safe and secure. This doesn’t always mean an overhaul or a significantly large CapEx investment; instead, it means understanding the essential components of a secure network and taking steps towards protecting it. The reality is that 95% of all breaches can be avoided through simple security improvements (Deloitte).
Here are five ways to protect against cybersecurity threats.
1. Evaluate: By identifying your current assets, users, devices, applications, and network architecture, you're able to manage your risk better. Consider who has access to your network and how they access your network, whether it's physical or logical. Human error and susceptibility account for 95% of data breaches, so it's crucial to limit the access that you grant to employees (Cybint). Unknown and unauthorized people should be restricted from accessing your network, even if they seem as harmless as a vendor, partner, or visitor. If you’re unsure of where to start, feel free to use our free networking assessment to start identifying your network’s assets.
2. Access Control: Now more than ever, the importance of remote access is evident. With COVID-19 and mandated work-from-home orders, remote access is crucial to continuing operations. Unfortunately, the rise in remote access and the unprotected gaps it creates raise the risk to your network. It is vital that you have complete understanding and control over who accesses your network and how they access it. One of the most common violations is outsourcing remote access and letting vendors dictate how they will connect to your network. Hold your ground: it is your network, so they must comply with your standards, not the other way around.
3. Plan: Develop and implement cybersecurity procedures and practices to protect your business operations. Your current and future employees should be trained so that they are aware of the expectations and potential risk they pose to the network. Review your policies with a legal professional in order to ensure that they are compliant with local laws and regulations. Policies and procedures should be reviewed annually to ensure that they include any changes or updates to your organization, network, or structure.
4. Protect: Make improvements to your system that safeguard against attacks. This could include the installation and/or stricter configuration of network firewalls, establishing VLANs, maintaining and monitoring logs, installing or updating manufacturing-compliant cybersecurity software, encrypting sensitive information, securing wireless access points, securing or limiting access, or setting up web/email filters.
5. React and Test: Just because you have a plan in place does not mean that you're automatically safe. While 87% of manufacturing companies have a disaster recovery plan, only 35% of these companies have actually documented and tested their plans (Deloitte). Ongoing testing and monitoring of your systems is essential in finding and mitigating potential security threats. Understand your system's normal data patterns and traffic flow by installing monitoring software. This will help you understand your normal acceptable traffic and alert you when deviations from that norm occur, such as unapproved connections to the internet or unknown IPs on the network.
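As an added illustration of steps 1 and 5 (this example is not from the original article), the sketch below compares observed network flows against an asset inventory and a recorded baseline, flagging unknown IPs, connections to the internet, and new paths between the IT and OT zones. All addresses, zone names, and flow records are constructed, and treating 10.0.0.0/8 as the plant's internal range is an assumption.

```python
import ipaddress

# Assumption: the plant uses 10.0.0.0/8 internally; everything else is "internet".
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed asset inventory (step 1, "Evaluate"): known host -> network zone.
INVENTORY = {"10.10.1.5": "OT", "10.10.1.20": "OT", "10.20.0.8": "IT"}

# Constructed flow records: (source IP, destination IP, destination port).
BASELINE_FLOWS = [
    ("10.10.1.20", "10.10.1.5", 502),   # HMI polling a PLC
    ("10.10.1.20", "10.20.0.8", 443),   # HMI pushing data to an IT server
]
OBSERVED_FLOWS = [
    ("10.10.1.20", "10.10.1.5", 502),    # matches the baseline
    ("10.10.1.77", "10.10.1.5", 502),    # device missing from the inventory
    ("10.10.1.5", "203.0.113.50", 443),  # OT host reaching the internet
    ("10.20.0.8", "10.10.1.5", 3389),    # new IT-to-OT path
]

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def review(flows, baseline, inventory):
    """Return one alert tuple (kind, src, dst, port) per deviating flow."""
    known = set(baseline)
    alerts = []
    for src, dst, port in flows:
        # Internal addresses that nobody has inventoried are the first red flag.
        strangers = [ip for ip in (src, dst)
                     if is_internal(ip) and ip not in inventory]
        if strangers:
            kind = "unknown-ip"
        elif not (is_internal(src) and is_internal(dst)):
            kind = "unapproved-internet"
        elif (src, dst, port) in known:
            continue  # normal, expected traffic
        elif inventory[src] != inventory[dst]:
            kind = "new-cross-zone-flow"
        else:
            kind = "new-flow"
        alerts.append((kind, src, dst, port))
    return alerts

if __name__ == "__main__":
    for alert in review(OBSERVED_FLOWS, BASELINE_FLOWS, INVENTORY):
        print(alert)
```

In practice the flow tuples would come from firewall or switch flow logs, and the baseline would be rebuilt whenever an approved change is made to the network.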
The time to act is now. If you wait to think about cybersecurity until after you experience a breach, it’s too late. Luckily, getting started does not have to be an expensive and intimidating venture. For more information on cyber security, please check out the following resources:
- Free Industrial Networking Assessment
- Industrial Network and Cyber Security Information
- Ransomware, Phishing, and Cyber Security: What you Need to Know Webinar
- Network Downtime: The Scourge of Your Operations
- The Top 3 Culture Splits between OT & IT