Create a free Manufacturing.net account to continue

The 5 Most Critical Cybersecurity Priorities for Manufacturing

Breaking down the challenges and strategies being adopted as cyber risks continue to escalate.

Richard Springer
Jan 25, 2024
General Cyberattack

In today’s dynamic manufacturing landscape, cybersecurity has become a serious concern. A recent collaborative study, Advancing Digital Transformation in a Time of Unprecedented Cybersecurity Risk, conducted by Manufacturers Alliance and Fortinet delves into the challenges being faced and the strategies being adopted by manufacturing companies as they navigate escalating risks.

For manufacturers, cybersecurity is no longer an abstract concept that other people have to worry about. Threats have become real as more manufacturers and suppliers are affected by high-profile breaches that have resulted in serious data and financial losses.

Although manufacturers are at different levels in terms of their preparedness, they all face the same overriding issue. For every process they digitize, they expand their attack surface and increase their cybersecurity risk. Connected devices on the factory floor are often targeted by cybercriminals because they contain intellectual property, and because even one day of downtime can cost a manufacturer millions of dollars in lost revenue.

Cybercriminals are organized and it’s no secret that today’s attacks are both sophisticated and relentless. Manufacturers are paying attention and working on improving their security, but staying ahead of cybercriminals is more challenging than ever.

The study released in November 2023 offers a comprehensive look into the state of cybersecurity in manufacturing. Based on a survey of 155 U.S.-based manufacturing companies and interviews with IT and OT executives, the study represents a diverse range of company sizes and industries. It builds on a related 2020 study and indicates the areas where companies have made progress, and where they may have stalled over the last three years.

Five key findings offer insights into the current state of collaboration between Information Technology (IT) and Operational Technology (OT), promising tactics, and the impediments hindering progress. 

1. IT/OT Collaboration

The study underscores that successful collaboration between IT and OT teams is pivotal to the success of digital initiatives in manufacturing. In the study, 84 percent of companies envision IT and OT teams working more closely in the future. The synergy between these departments is essential for achieving mutual goals that strike a balance between security and operational priorities. Sharing scarce skilled talent is also a key element for effective collaboration. 

2. Renewed Focus

With the increasing shift from theoretical threats to real cyberattacks, manufacturers are intensifying their focus on cybersecurity. The study reveals a notable surge in the percentage of respondents ranking cybersecurity as a top-five business risk, reaching 78 percent, compared to 70 percent in 2020. Notably, manufacturers are particularly concerned about extortion through ransomware, with 36 percent falling victim to such attacks in the past year. 

Last year, more than 80 percent of respondents experienced at least one breach that resulted in unauthorized access to data. And of those respondents, 15 percent experienced six or more breaches. The most common types of security incidents they reported were phishing, malware, spyware and ransomware. 

3. OT System Visibility

Securing OT environments requires enhanced visibility into systems. Manufacturers are making strides in this regard, with 48 percent conducting audits or assessments related to OT security within the past six months, up from 44 percent in 2020. Regular evaluations, technology reviews, and scrutiny of third-party vendors are becoming integral components of their cybersecurity strategies. 

4. OT Challenges

The challenge of securing old equipment, coupled with a shortage of skilled personnel, remains prevalent. Many organizations face difficulties in addressing legacy equipment issues, adopting a pragmatic "run it until it dies" approach. In the survey, 78 percent pointed to the scarcity of talent and expertise in cybersecurity. This talent shortage exacerbates the struggle to fill open OT security positions, leading to team burnout and increased overall risk. 

5. Communication Gaps

Effective communication between IT and OT is identified as a critical factor in the aftermath of a breach. The study reports that 82 percent of surveyed companies perceive ineffective communication as a barrier to an efficient breach response. Bridging this communication gap is a crucial aspect of any effective cybersecurity strategy.

As manufacturers evaluate strategies for competitive growth through the integration of new technologies, the need to incorporate robust cybersecurity measures becomes critical. The study suggests that despite progress, manufacturers may need to expedite their efforts to outpace today’s rapidly evolving OT threats.

Facilitating seamless IT/OT collaboration and addressing communication challenges are essential steps in fortifying cybersecurity defenses within the manufacturing sector. To learn more about how manufacturers can include cybersecurity into their digitization plans, download the full report.

Latest in Cybersecurity
Ep96tn
Security Breach: Supply Chains are a Hacker's Gateway
May 16, 2024
General Cyberattack
Verizon Report Shows Vulnerabilities, Human Errors as Primary Challenges
May 9, 2024
Logistics Management
Third-Party Intelligence Helps Expose Supply Chain Threats
May 9, 2024
Computer Crime Concept 516607038 2125x1416 (1)
Threat Report Shows Onslaught of DDoS Attacks
May 9, 2024
Related Stories
Ep96tn
Cybersecurity
Security Breach: Supply Chains are a Hacker's Gateway
General Cyberattack
Cybersecurity
Verizon Report Shows Vulnerabilities, Human Errors as Primary Challenges
Logistics Management
Cybersecurity
Third-Party Intelligence Helps Expose Supply Chain Threats
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
Threat Report Shows Onslaught of DDoS Attacks
More in Cybersecurity
Ep96tn
Cybersecurity
Security Breach: Supply Chains are a Hacker's Gateway
Many attacks on manufacturers are just the first step in going after even bigger targets.
May 16, 2024
General Cyberattack
Cybersecurity
Verizon Report Shows Vulnerabilities, Human Errors as Primary Challenges
Most breaches involve a non-malicious human element, such as falling prey to a social engineering attack.
May 9, 2024
Logistics Management
Cybersecurity
Third-Party Intelligence Helps Expose Supply Chain Threats
The platform extension offers vendor-specific security posture data.
May 9, 2024
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
Threat Report Shows Onslaught of DDoS Attacks
Hacktivist groups are increasing attack frequency and raising their level of aggression.
May 9, 2024
Ep94tn
Video
Security Breach: The Hacks!
In this episode, we dive into some of the most notorious attacks to hit manufacturing over the last six months.
May 9, 2024
Cybersecurity
Software
New Siemens Software Automatically Identifies Vulnerable Production Assets
The cybersecurity SaaS will be available for purchase in July 2024.
May 8, 2024
Manufacturing
Industry 4.0
Tech Trends to Watch in Manufacturing
AI is at the forefront.
May 7, 2024
General Cyberattack
Cybersecurity
CISA, FBI Release Secure by Design Alert
The two agencies are urging manufacturers to eliminate directory traversal vulnerabilities.
May 3, 2024
Financial Cyber
Cybersecurity
Ransomware Report Shows Fewer Incidents, Future Concerns
The fear is that larger RaaS groups are exercising greater control over their affiliates.
May 3, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
CISA Releases Latest ICS Advisories
Cisco, Siemens, Honeywell and Mitsubishi systems top the list.
May 3, 2024
Ep92tn
Cybersecurity
Security Breach: Predictions That Hit
A look back at Security Breach guest's most accurate and timely industrial cybersecurity predictions.
May 2, 2024
Andrew Witty, Chief Executive Officer of UnitedHealth Group, testifies at a Senate Finance Committee hearing examining cyber attacks on health care, and the Change Healthcare cyber attack, Wednesday, May 1, 2024, on Capitol Hill in Washington.
Cybersecurity
Change Healthcare Cyberattack Due to Lack of Multifactor Authentication
That's according to UnitedHealth CEO Andrew Witty.
May 1, 2024
I Stock 1311492607
Cybersecurity
ZAG Launches Cybersecurity Series for Food, Agriculture Sectors
Empowering agricultural businesses with the tools necessary to protect their digital infrastructure.
April 29, 2024
Ransomware
Cybersecurity
Report Identifies Hidden Costs, Challenges of Ransomware
Too many are paying, and the reasons range from understandable to infuriating.
April 25, 2024
Ep90
Cybersecurity
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.
April 25, 2024