It’s no secret that manufacturers are concerned about security. Recent events have shown that manufacturing is a rich target for threats that cause physical damage, facility downtime, and breaches of customer data and intellectual property.
The reason for these increasing security threats is that the manufacturing industry offers unique exploitation opportunities, such as:
- Legacy equipment or industrial IoT devices that were built with minimal or no security in mind.
- Gaps between IT and Operations Technology (OT). As networks converge, patchwork architectures increase risk and vulnerabilities.
- Lack of documented training, processes, and procedures that outline responsibilities and access.
- Never conducting a risk assessment.
Recently, Cisco published the 2017 Midyear Cybersecurity Report (MCR), which reflects not only these areas of concern for manufacturers, but also the changing security landscape for many industries. The 2017 study was fielded from July through September 2016 and included 2,912 respondents from 13 countries across multiple industries.
Some important cybersecurity findings for the manufacturing industry:
- 28% of manufacturing organizations reported a loss of revenue due to attack(s) in the past year—the average lost revenue was 14%.
- 46% of manufacturing organizations use six or more vendors, with 20% using more than ten. 63% use six or more products, with 30% using more than ten products.
- Nearly 60% of manufacturing orgs report having fewer than 30 employees dedicated to security, while 25% consider a lack of trained personnel as a major obstacle in adopting advanced security processes and technology.
The cybersecurity report covers technology trends, impact to businesses, adversary tactics, vulnerabilities, opportunities to better defend against risk, and how to communicate with management.
I invite you to download the full report here:
I also invite you to explore the following manufacturing topics: