By Bob Maley
Manufacturing is under attack.

Manufacturing was the most targeted sector by ransomware gangs in the last 12 months with 528 total victims, according to new research. This accounted for 19.5 percent of all ransomware victims. Without a new defense strategy, manufacturers are at high risk – especially with new groups such as Chernovite and Bentonite focusing on the industry.

As a result, the regulatory landscape is changing – and this poses new challenges for businesses to remain compliant, secure and in control of their supply chains. By translating cyber risk into a language your team can understand and manage, manufacturers can get ahead of regulations and threats to maximize production and minimize disruption.

Manufacturing has transformed to a digital environment more rapidly than any other industry throughout the pandemic. Without time to build a strategy behind transitioning to the cloud, teams face uncertainty over the control and visibility of their data.


It’s evident throughout every vertical in the sector.

Susceptible to Ransomware
Half of the top 100 automotive manufacturers are highly susceptible to a ransomware attack – and more than 17 percent of automotive suppliers are likely to incur an attack, according to research. Nearly 10 percent of pharmaceutical manufacturers are highly susceptible, while 79 of the 100 CPG manufacturers analyzed had high and/or critical vulnerabilities caused by out-of-date systems.

Overall, 30 percent of ransomware attacks already detected in 2023 have targeted the manufacturing sector. Why? Ransomware gangs know manufacturing organizations have a low tolerance for downtime, so they’re more likely to pay a ransom than suffer the effects of business disruption (such as loss of revenue, decreased productivity, etc.).

Also, much of the manufacturing industry relies heavily on Operational Technology (OT). OT systems are difficult to patch, meaning ransomware threat actors can easily exploit vulnerabilities with older variants. It also goes beyond a manufacturer’s four walls; ransomware criminals often target a business’s vendors, suppliers, or third parties to cripple supply chain operations. In other words, manufacturers are only as safe as their least secure vendor – and without real-time visibility into the cyber risk posture of their entire ecosystem, they are in the dark.

New regulations are emerging to meet the changing risks manufacturers and their critical supply chains face today. It’s critical to be prepared beyond compliance reasons – it also builds the foundation for more resilient cybersecurity operations.

Cyber Regulations
New regulations such as the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) require critical infrastructure companies, including essential manufacturers, to report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA). In addition, European ports are bracing for more cyber regulations to secure global supply chains.

On top of the latest updates, manufacturers also need to be aware of NIST 800-53, ISO 27001, PCI-DSS, CCPA, NYDFS, data privacy regulations and more. It’s a lot to monitor – especially when it comes to the supply chain. Plus, industrial businesses often don’t have cyber expertise on the board to help navigate this complex landscape. Boards often believe their continued compliance with existing regulations makes them safe from cyberattacks. They couldn’t be more wrong.

Quickly reporting cyberattacks is a feature of many of the new regulations proposed or implemented recently. However, manufacturers have difficulty identifying and reporting a third-party breach before the damage spreads and regulators come knocking. Data show the average time between a third-party attack and the disclosure date was 108 days, with a 50 percent increase from 2021 – giving threat actors an increased potential for damage with stolen data.

In many cases, organizations aren’t efficiently disclosing attacks because they don’t have the right tools in place to detect a breach until the damage is already done. According to a recent survey, CEOs and boards of directors are ill-equipped when it comes to handling cyber incidents. Organizations will need to strengthen their internal cyber risk management strategies and reporting processes in order to comply with the proposed regulations.

Cybersecurity to the Forefront
Between strict budgets and limited resources, manufacturers’ cybersecurity strategies have struggled to evolve at the same pace as the rapid digitalization and emerging regulations experienced in the industry. But there is a way forward to ensure resiliency, and it’s centered around identifying cyber risk throughout the supply chain before disaster strikes.

By centralizing technical, financial and compliance data into one view, manufacturers are empowered to act on that data in four ways:
Quantify risk for executives: Unlike most organizations, CIOs in the manufacturing industry typically report to the CFO. To speak their language, it’s critical to measure the probable financial impact of cyberattacks on your company, vendors, suppliers, or third parties. Quantifying risk helps cost-effectively achieve and maintain an acceptable level of loss exposure, while also clearly conveying the breadth of risk factors across the organization.
Cross-correlate findings to industry standards: Meet evolving cybersecurity demands by cross-correlating findings to regulations, industry standards and best practices (CCPA, NIST 800-53, ISO 27001 and more) to measure the compliance level of every third party.
Automate manual processes: Stop worrying about limited manpower and budget. By continually identifying gaps and prioritizing remediation efforts where exposure is highest, automation allows your security team to effectively remove blind spots and improve your organization’s overall cyber hygiene. Without automation, constant monitoring of thousands of vendors is virtually impossible.
Reduce unrecognized risk: CISOs need to tackle the transformation of digital enterprise risk management with quality data and defense in depth. Technology can help reduce the uncertainty around your cyber risk through high quality platforms that can do the work for you. For example, cyber rating tools can indicate which vendors pose the highest risk to your company, allowing you to focus your efforts on the most impactful vendors.

Resiliency Rules
When it comes to cybersecurity, manufacturers are on the hot seat. They are in the crosshairs of ransomware criminals, getting hit with third-party breaches, and have to uphold operations while remaining in compliance with new regulations.

By understanding key vulnerabilities throughout one’s network of suppliers – and assessing risk in real time – businesses can stay ahead of the threat landscape. Technology is making it possible for manufacturers to monitor their growing ecosystems for risk and communicate action plans while there’s still time for intervention, all while ensuring compliance every step of the way. By harnessing the power of automation, leaders can focus on the imperative: Maximize production, minimize disruption.

Bob Maley, inventor, CISO, author, futurist and OODA Loop fanatic is the chief security officer at Black Kite, a third-party cyber risk intelligence provider. Prior to joining Black Kite, he was the head of PayPal’s Global Third-Party Security & Inspections team.
