How to Establish a Contingency Plan for Cybersecurity in Manufacturing
With the recent global IT interruptions, cybersecurity is the word of the month.
While many industries were directly impacted by the outages, manufacturing wasn’t one of them. But manufacturing, especially with its technological growth over the past few years, is one of the more vulnerable corners of our economy. Why wouldn’t manufacturers’ IT departments and operations departments have a cybersecurity plan in place, even now?
The CEO of Blumira, Jim Simpson, explores why cybersecurity is so hard for manufacturing in this Forbes article.
Simpson states that, given the sheer number of applications used by the distributors, clients, and vendors a manufacturing facility works with, it’s likely that at least some are legacy and may or may not be connected to the rest of the systems. More players, applications, and processes mean more vulnerability, particularly where legacy systems are concerned. The main issue with older systems is that little to no development was done to embed security, so there usually isn’t a way to build protection into them.
Regardless of the systems you’re working with, if you don’t already have a cybersecurity or breach contingency plan for your manufacturing facility, you need to get started on creating one right away. The steps to doing this are:
Build redundancy and contingency plans (with a workflow)
Build a playbook that offers ALL scenarios. A well-structured incident response plan should have detailed containment protocols, recovery procedures, and what data should be reviewed in a post-incident analysis.
Backup systems – Do you have backups in place for all of the organization’s applications? Do you need more space to back up everything? Is the backup space secure?
Figure out how to keep things functioning if an attack occurs. Is there a parallel system setup that employees can use to assist customers and vendors, at least partially?
Build teams that know what they need to do and when – then give them the authority to act! Review all scenarios and develop defined criteria for making decisions.
Invest in training for ALL stakeholders – and rehearse by role-playing “attack responses” on a regular basis! This way the workflow is more familiar to everyone, if or when a breach happens. Training all personnel to recognize threats like phishing, and to follow other cybersecurity best practices, empowers them to be the first line of defense against potential threats.
Align your organization with the worldwide standard ISO 27001. To receive this certification, you will need to complete an audit that includes a risk assessment, establishing security policies and procedures, and a risk management evaluation.
Implement detection software and response software that can analyze site(s) for threats in real time. Configure all of your extended detection and response systems properly. If you are actively monitoring all data streams to find and stop potential threats, you are already ahead of the hackers.
Consider assistance from third-party experts like the Manufacturing Information Sharing and Analysis Center, which is a nonprofit community for manufacturers of all sizes. Their focus is cybersecurity threat awareness and mitigation.
Data Center Knowledge also suggests considering the following when creating a cybersecurity or incident response plan:
Know what you have to protect. What applications are being used, and how do you keep them safe upfront? Basic things should include applying security patches (but testing them first!), changing endpoint passwords every 90 days, and using multifactor authentication.
If you look into purchasing cyber insurance, make sure you know what it covers!
Determine in which crisis situations you would or would not need the FBI’s help. If you think you might need them in any scenario, start to build a relationship with a representative there before you have an incident to make communications easier.
We hope this list offers some insight into how to develop a security plan for your facility’s tech systems. Although legacy and machine network systems may not always support traditional antivirus software, there are still many ways to secure and lock down these systems.
To find the best system for YOUR environment, give one of our sales engineers a call today and ask about how we can help prevent attacks and breaches: 734-408-0200.