top of page
Writer's pictureJared Thompson

Why is Cyber Security a big risk to Manufacturers?

48% of manufacturers see cyber security as an impediment to manufacturing & smart factory initiatives. So, why is Cyber Security a big risk to Manufacturers?


Is your business involved in printing materials or manufacturing books and magazines? Maybe your business produces equipment for the leisure industry. Whatever industry you're involved in, the North West Cyber Resilience Centre wants all SMEs and businesses involved in the manufacturing sector to be aware of the latest threats.


2022 Dragos Report on Manufacturing and ICS


Dragos’ “Year In Review” report revealed that ransomware attacks on industrial infrastructure organisations nearly doubled in 2022, as the manufacturing industry is in a race to implement more and more digital solutions. Dragos found that of the surveyed companies that suffered a ransomware attack, 70% of them operated within the manufacturing industry.


As the manufacturing industry pushes to become more digital and implements Artificial Intelligence solutions in a bid to improve efficiency, the attack surface also grows exponentially. Dragos reports that the main risk associated with this process is “OT [Operational Intelligence] networks, particularly networks with poor segmentation”.


However, the cyber security landscape for manufacturing companies, and the wider industry, isn’t all doom and gloom. Dragos reported, “There were marked improvements to the use of network segmentation in engagements. Environments with significant network segmentation issues were down 2700 basis points”, stating that 50% of company networks saw a lot of improvement.


Cyber Security in Manufacturing Infographic


Is Cyber Security a big risk to Manufacturers? Here are our top tips for avoiding a Manufacturing Cyberattack



1. Lock your devices as if they were doors


Make sure you have encrypted and password-protected all devices used by your employees. This includes machinery, smart devices, tablets and computers.


2. Keep your passwords strong, and don't repeat them!


Use a strong password to secure your devices; three random words are advised. Passwords generated from three random words help users to create unique passwords that are strong enough for many purposes and can be remembered much more easily.


This applies to both IT systems (computers, laptops, mobiles, tablets etc.) as well as Industrial Control Systems (those used to manufacture goods)

3. Double up your protection


Ensure two-factor authentication is utilised on all devices and online accounts. This will give you two distinct forms of identification that will be needed for access to be given to your accounts.


4. Don't forget those software updates


Regularly patching and installing software updates helps to keep your devices protected. Often these updates will ensure any new flaws and vulnerabilities are protected against. Software, application, and Operating System updates are designed to fix these weaknesses, and installing them as soon as possible will keep your devices secure.

  • It is also vital your business has a process in place to track configurations of devices, whether this is the IT devices or manufacturing devices; tracking device type, version, operating system/software, and last updated date is vital to know what you need to protect

5. Implement an Incident Response Plan


Having an Incident Response Plan could reduce the cost of a data breach on your business; ensure you are testing your incident response plan so your staff know their role.


Our plan includes; preparing your business checklist and emergency contact list template, helping with incident response communications and providing details of the legal Implications of a cyber incident.


To help you minimise the impact of a cyber-attack, we have created a Cyber Incident Response Plan for you to use.


6. Train and educate your staff


You should regularly educate your employees about the most common cyber-attacks and their risks to your business. Common attacks include:

  • Phishing emails/text messages

  • Social Engineering

  • Data breaches

  • Ransomware

7. Practice makes perfect


Ensure that you have a cybersecurity policy that all staff are aware of when first joining your company, and make sure it's regularly updated.


Did you know the North West Cyber Resilience Centre was established to help small businesses tackle the threats posed by cybercrime?

Businesses in the North West can sign up for our free Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats designed to help you stay safer.

Free Membership banner for manufacturing

We'd also encourage all businesses to perform a Cyber Health Check on your business's strengths and vulnerabilities. This audit helps to protect your business from the latest cyber threats by filling out a simple self-assessment questionnaire.

Comments


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.

 

Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.

 

This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page