Navigating Manufacturing’s Third-Party Access Risk

Ways to manage external access while reducing exposure to possible breaches.

Joel Burleson-Davis
May 15, 2025

Manufacturers today depend on complex networks of specialized devices, backed by an even more complex network of third-party vendors. This dependence drives operational efficiency but also increases vulnerability to cyber threats. A recent Imprivata study found that 42 percent of industrial organizations experienced a data breach or cyberattack involving a third-party vendor accessing the organization's network in the last 12 months.

Despite this clear and present third-party risk, only 29 percent of manufacturing organizations have a strategy consistently applied across the entire organization to address privileged access and supply chain risk. To adequately address these risks and safeguard operations, manufacturers must implement strong access management and identity governance practices that protect operations without disrupting workflows. 

The Value of Efficient Access Management  

With manufacturing's reliance on third parties, a breach in one part of an organization's supply chain can ripple through the entire production process, leading to cascading breaches across a whole network. Defending against such attacks requires comprehensive access management solutions that drive both security and operational efficiency.

One of our own customers, Oldcastle Infrastructure, Inc., sought to improve third-party risk management by replacing fragmented VPN solutions with a secure, centralized vendor access system. By implementing our vendor privileged access management platform, Oldcastle gained critical auditing features, including session logging and recording of all vendor activity to significantly enhance security and oversight. The solution has enabled the organization to manage access across 85 U.S. sites and various vendors, standardizing processes and eliminating risky practices like shared credentials. Along with two-factor authentication and centralized control, Oldcastle can now efficiently manage external access while reducing risk and improving compliance.   

Comprehensive access management that leans on zero-trust principles is key to controlling what information third parties have access to — and when and how they have access to it. Operating by the principle of least privilege ensures that all third-party users can only access the systems and data necessary to execute their respective job functions. Practices that reduce the attack surface and prevent unauthorized access escalation if a breach occurs can include:

  • Zero-Trust Network Access. Zero trust removes trust from any user, whether internal or external, and requires authentication and identification before granting access. Such a method could replace old tools and processes like VPNs or desktop sharing tools that once granted third-party users network access. 
  • Multi-Factor Authentication (MFA). With MFA, users must provide two or more forms of identity verification before accessing a system. These additional authentication layers are a critical safeguard to prevent unauthorized access even if login credentials are compromised. MFA is essential in environments with high-value data and operations like manufacturing, where a single breach can have significant consequences throughout the supply chain. 
  • Role-Based Access Control (RBAC). By aligning access permissions with a user's operational role, RBAC ensures users can only access the systems and data necessary to do their jobs. By segmenting access across roles, manufacturers can significantly reduce the impact of a breach and avoid one compromised account providing access to the entire system. This safeguard is critical for maintaining manufacturing operations, where vulnerabilities that are not quickly contained can disrupt entire commercial ecosystems.

Activating the Strategy  

Implementing these strategies for the complex networks of third-party identities and solutions requires building an access management system that ensures access to sensitive systems and data is appropriately managed, monitored, and controlled. Solutions that meet security and compliance requirements should not disrupt user productivity or existing operational workflows. Organizations can seamlessly implement and scale their security practices as their third-party network expands by leveraging an effective remote access solution.  

Regular security audits will ensure that access rights are current, that the organization meets compliance standards, and that potential vulnerabilities are promptly remediated. Automated auditing tools can streamline this process with ongoing, real-time insights. Oversight of vendors' cybersecurity practices is another crucial component of a comprehensive security strategy.
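
As an added illustration (not code from the article or from any vendor's product), the sketch below shows how the controls listed above and the periodic audit fit together: a default-deny decision that requires MFA and a role-scoped, site-scoped, time-boxed grant on every request, plus a review that flags expired and unused grants. The role names, systems, sites, users and the 30-day staleness threshold are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Hypothetical role -> permitted (system, action) pairs; all names are constructed.
ROLE_PERMISSIONS = {
    "plc-maintenance": {("plc-line-3", "diagnose"), ("plc-line-3", "update-firmware")},
    "hvac-support": {("hvac-controller", "diagnose")},
}

@dataclass
class VendorGrant:
    user: str            # individual vendor identity, not a shared account
    role: str
    site: str
    expires: datetime    # access is time-boxed
    last_used: datetime

def decide(grant, site, system, action, mfa_verified, now):
    """Default deny: every check must pass on every request (no implicit trust)."""
    if not mfa_verified:
        return (False, "mfa-required")
    if now >= grant.expires:
        return (False, "grant-expired")
    if site != grant.site:
        return (False, "site-out-of-scope")
    if (system, action) not in ROLE_PERMISSIONS.get(grant.role, set()):
        return (False, "role-not-permitted")
    return (True, "allowed")

def audit(grants, now, stale_after=timedelta(days=30)):
    """Periodic review: flag grants that have expired or gone unused."""
    findings = []
    for g in grants:
        if now >= g.expires:
            findings.append((g.user, "expired-grant"))
        elif now - g.last_used > stale_after:
            findings.append((g.user, "stale-grant"))
    return findings

# Constructed sample data for the demonstration.
NOW = datetime(2025, 5, 15, 12, 0, tzinfo=timezone.utc)
GRANTS = [
    VendorGrant("alice@vendor-a.example", "plc-maintenance", "site-12", NOW + timedelta(hours=4), NOW - timedelta(days=1)),
    VendorGrant("bob@vendor-b.example", "hvac-support", "site-12", NOW + timedelta(days=90), NOW - timedelta(days=45)),
    VendorGrant("carol@vendor-a.example", "plc-maintenance", "site-07", NOW - timedelta(days=2), NOW - timedelta(days=3)),
]

if __name__ == "__main__":
    print(decide(GRANTS[0], "site-12", "plc-line-3", "diagnose", True, NOW))
    print(decide(GRANTS[0], "site-12", "hvac-controller", "diagnose", True, NOW))
    print(audit(GRANTS, NOW))
```

Recording the reason string with each decision gives the audit trail a denial cause to review, not just an allow/deny bit.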

Imprivata's recent report, The State of Third-Party Access in Cybersecurity, found that 55 percent of organizations do not evaluate the security and privacy practices of third parties before engaging in work that requires providing access to sensitive or confidential information. Assessing the cybersecurity practices of third-party vendors is critical to ensure they align with the organization's security standards. Be sure to include provisions for cybersecurity compliance in all third-party contracts and regularly assess the security practices of external partners to ensure they maintain a high level of security.  

Third-party risk will continue to proliferate across the manufacturing sector as operations become increasingly distributed to meet modern supply chain demands. In fact, 48 percent of organizations surveyed in Imprivata's recent report agree that third-party remote access is becoming the most common attack surface.

Manufacturers must proactively safeguard sensitive data and systems when dealing with an expanded attack surface due to third-party access. They can minimize risks and avoid costly disruptions by adopting a digital identity management solution that centers on zero-trust tools like MFA and RBAC. Without adequate security, one minor breach can quickly escalate across the network, jeopardizing operations across the entire ecosystem. 
