Cybersecurity Fundamentals for Manufacturing: Simple Strategies
Did you miss our recent webinar for The Council of Industry members and Associates, "Cybersecurity Fundamentals: Strategies to Protect Small and Mid-Size Manufacturers"? Take a look at our key takeaways recap below.
Key Takeaways from Webinar
Introduction
Manufacturing is now a top target for cyberattacks, with 25.7% of attacks expected to hit this sector in 2024. Cybersecurity isn't just an IT issue anymore—it’s a key priority for business leaders. These attacks can disrupt operations and damage reputations by exploiting weak infrastructure, untrained staff, and poor network security.
For manufacturing executives, it's crucial to understand the latest threats, meet industry standards, and implement best security practices. This article summarizes key points from a recent cybersecurity webinar, offering practical insights for securing manufacturing operations.
Section 1
Manufacturing: A Target for Adversaries
Manufacturing is the most targeted industry for cyberattacks in 2024, making up over 25% of all incidents. There are a few key reasons why this is happening:
- Increased connectivity: The rapid shift to digital during and after COVID-19 means more manufacturing systems are connected to the internet, which opens up more potential security gaps for attackers to exploit.
- High cost of disruptions: When manufacturing operations go down, the impact is immediate and costly. On average, a cyberattack causes five days of downtime, which can cost companies millions in lost sales, delays in deliveries, and recovery expenses.
Two main types of attacks are hitting manufacturing the hardest:
- Phishing: This is behind almost 80% of the initial breaches. Attackers send fake emails to employees, tricking them into giving away login details or unknowingly installing harmful software (malware).
- Ransomware: Found in 71% of the attacks, ransomware is a type of malware that locks down systems, holding them hostage until a ransom is paid—usually in cryptocurrency—to regain access.
Section 2
Key Compliance Standards Overview
Manufacturing companies, especially those in critical areas like defense and infrastructure, must meet strict cybersecurity compliance standards. These rules are essential for protecting sensitive data and maintaining partnerships, particularly with government agencies. Key standards include:
- Cybersecurity Maturity Model Certification (CMMC): With the recent publication of the CMMC ruling, manufacturers working with the Department of Defense (DoD) are now facing a short timeline to fully implement the required security measures. CMMC is crucial for protecting sensitive data like Federal Contract Information (FCI) and Controlled Unclassified Information (CUI), and compliance is mandatory for securing future DoD or DIB supplier contracts.
- NIST 800: A widely recognized cybersecurity framework from the National Institute of Standards and Technology, used across industries to establish best practices for security.
- IEC and TISAX: These are vital for manufacturers working in international supply chains and automotive industries.
Non-compliance not only exposes manufacturers to penalties but also increases the likelihood of successful cyberattacks. Compliance should be seen as an investment in long-term operational security, not just as a regulatory checkbox.
Section 3
Building a Simple Cybersecurity Strategy
Effective cybersecurity is process-driven. Rather than implementing quick-fix solutions, manufacturing executives and IT teams should focus on creating a systematic plan that supports continuous improvement. Key elements of a successful cybersecurity strategy include:
- Asset and System Visibility
You can't protect what you don't know exists. A clear inventory of all connected devices, machines, and systems is the foundation of security. Documenting each asset’s location, owner, IP address, and last update helps identify and close any gaps.
- Network Segmentation
By dividing your network into smaller segments, you create layers of protection. This limits attackers’ ability to move around freely within your systems. Isolating production systems from guest networks and restricting vendor access can significantly reduce the risk of an attack.
- Access Control and Permission Management
Implementing access controls, from passwords to multi-factor authentication (MFA), ensures that only authorized personnel can access critical systems. The next step in this area is to apply Role-Based Access Control (RBAC), giving specific permissions to your IT team, operations, sales, accounting, ...
- Hardening Systems to Minimize Vulnerabilities
System hardening reduces vulnerabilities by removing unnecessary software and limiting access rights. Regularly reviewing and disabling non-essential functionalities minimizes potential entry points for attackers.
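As an added illustration of the asset visibility and network segmentation points (not material from the webinar), the Python sketch below audits an inventory that records the four fields named above and checks each IP address against a documented segment plan. The CSV column names, the subnets, the 90-day staleness threshold and the sample rows are all assumptions constructed for this example.

```python
import csv, io, ipaddress
from datetime import date

# Constructed sample inventory; the column names are an assumption.
SAMPLE_CSV = """name,location,owner,ip,last_update
plc-line1,Plant A / Line 1,j.ortiz,10.20.1.15,2024-09-30
hmi-line1,Plant A / Line 1,,10.20.1.16,2024-08-12
cnc-07,Plant A / Cell 3,m.chen,10.20.1.15,2023-11-02
label-printer,Shipping,s.patel,192.168.50.23,2024-10-01
laptop-qa,Plant A / Lab,r.kim,not-assigned,2024-10-05
"""

# Assumed segment plan: inventoried assets should not sit on the guest subnet.
SEGMENTS = {"production": ipaddress.ip_network("10.20.1.0/24"),
            "guest": ipaddress.ip_network("192.168.50.0/24")}

def audit_inventory(csv_text, today, max_age_days=90):
    """Return a list of (asset name, finding) for every inventory gap found."""
    findings, seen_ips = [], {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row["name"]
        for field in ("location", "owner"):
            if not row[field].strip():
                findings.append((name, f"missing {field}"))
        try:
            ip = ipaddress.ip_address(row["ip"].strip())
        except ValueError:
            findings.append((name, "invalid ip"))
            ip = None
        if ip is not None:
            if ip in seen_ips:  # two assets claiming one address
                findings.append((name, f"duplicate ip with {seen_ips[ip]}"))
            seen_ips.setdefault(ip, name)
            segment = next((s for s, net in SEGMENTS.items() if ip in net), None)
            if segment is None:
                findings.append((name, "ip outside documented segments"))
            elif segment == "guest":
                findings.append((name, "asset on guest segment"))
        try:
            age = (today - date.fromisoformat(row["last_update"].strip())).days
            if age > max_age_days:
                findings.append((name, f"stale: last update {age} days ago"))
        except ValueError:
            findings.append((name, "invalid last_update"))
    return findings

def audit_sample():
    """Audit the constructed sample as of a fixed date so results are stable."""
    return audit_inventory(SAMPLE_CSV, date(2024, 10, 15))

if __name__ == "__main__":
    for name, finding in audit_sample():
        print(f"{name}: {finding}")
```

Each finding is a gap to close: an asset with no owner, two assets sharing an address, a machine that has not been updated in months, or a device sitting on the wrong side of a segment boundary.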
Section 4
Employee Training: The Human Factor in Cybersecurity
Phishing remains the most common way attackers gain access to systems, making employee training essential. With 80% of initial breaches starting from phishing, educating your entire workforce—executives and shop floor operators alike—is key to a successful cybersecurity strategy. Everyone should know the risks and how to avoid them.
A few short tips:
- Checking Domain Names: Employees can easily verify domain names in emails, as phishing attempts often rely on mimicking legitimate businesses.
- Avoiding Suspicious Links: Clicking on unfamiliar links is one of the easiest ways for attackers to gain access. Employees should be encouraged not to click on links in emails from unknown senders and to validate URLs, for example by copying and pasting them to see what the URL really is.
- Verifying Requests: If an email from a senior executive requests something urgent, like a wire transfer, employees should verify the request through another method, such as a phone call or SMS, before taking action.
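The "Checking Domain Names" tip can also be backed by an automated check at the mail gateway or in a reporting tool. The sketch below is an added example, not material from the webinar: it compares a sender's domain with a list of domains the company actually deals with and flags close imitations. The trusted list, the character-swap table, the distance threshold of 2 and the sample addresses are assumptions constructed for illustration.

```python
# Constructed allow-list of domains the company really does business with.
TRUSTED = {"example-manufacturing.com", "supplier-parts.example"}

# Digit-for-letter swaps to undo before comparing (a small, assumed table).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance using the two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def normalise(domain):
    """Lower-case, undo digit-for-letter swaps and the 'rn' for 'm' swap."""
    return domain.lower().translate(CONFUSABLES).replace("rn", "m")

def classify_sender(address, trusted=TRUSTED, max_distance=2):
    """Return 'trusted', 'lookalike of <domain>' or 'unknown' for a sender."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    if domain in trusted:
        return "trusted"
    for good in sorted(trusted):
        # A trusted name appearing only as the left-hand part of a longer domain.
        if domain.startswith(good + "."):
            return f"lookalike of {good}"
        # Same name once visually confusable characters are normalised.
        if normalise(domain) == normalise(good):
            return f"lookalike of {good}"
        # One or two typed characters away from a trusted name.
        if edit_distance(domain, good) <= max_distance:
            return f"lookalike of {good}"
    return "unknown"

if __name__ == "__main__":
    for sender in ("orders@example-manufacturing.com",
                   "ceo@examp1e-manufacturing.com",
                   "newsletter@unrelated-vendor.example"):
        print(sender, "->", classify_sender(sender))
```

A "lookalike" result is a reason to quarantine or banner the message; "unknown" only means the domain is not on the list and still deserves the manual checks above.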
Section 5
Securing Cloud and SaaS Services
As manufacturers adopt cloud and Software-as-a-Service (SaaS) platforms for managing production, logistics, and even customer relations, securing these platforms matters. Cloud services provide flexibility, but they also introduce unique risks if not properly configured.
Best practices include:
- Authentication: Implement Single Sign-On (SSO) and multi-factor authentication (MFA) to ensure only authorized personnel can access cloud resources. SSO adds convenience, providing a fast and secure way for your team to manage authentication.
- Least Privilege Access: Apply the principle of least privilege by giving users only the access they need to do their job. This reduces the risk in case an account is compromised.
- Monitoring and Logs: Most cloud platforms have built-in logging features that track access and usage. By enabling logging and integrating it with a central monitoring system, the person responsible for IT can identify issues and respond faster.
Conclusion
Cybersecurity is essential for manufacturers to protect operations, data, and reputation. By focusing on simple fundamentals—such as network segmentation, regular backups, and strong access controls—and continuously iterating and improving these defenses, manufacturers can stay ahead of evolving threats like ransomware. Adopting a posture of not trusting systems by default ("zero trust") and ensuring compliance with standards like CMMC further strengthens security.