paint-brush
5 Tips for Better Cybersecurity in Manufacturingby@zacamos

5 Tips for Better Cybersecurity in Manufacturing

by Zac AmosAugust 4th, 2023
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Manufacturing cybersecurity is critical but lacking. Manufacturing businesses can improve their security posture by upgrading legacy equipment, evaluating supply chain risk management, performing vulnerability scans and penetration testing, executing data minimization, and replacing outdated cybersecurity practices.
featured image - 5 Tips for Better Cybersecurity in Manufacturing
Zac Amos HackerNoon profile picture

Manufacturing cybersecurity is at its most critical stage as Industry 5.0 looms on the horizon. Advancing AI and robotics require thorough cybersecurity detection, prevention, and management. Modern solutions catalyze impactful cybersecurity adjustments manufacturing business leaders can employ to protect their data, staff, equipment, and products.

1. Upgrade Legacy Equipment

The manufacturing sector is the most vulnerable industry regarding cybersecurity, accounting for 24.8% of global cyber threats. It is higher than energy, government, and health care combined. A unifying thread throughout the most susceptible industries is a reluctance to adopt modern technologies. Legacy equipment leaves industries open to backdoor threats. Numerous machines and programs people no longer service are rife with exploits, and threat actors know them all.


The retrofit must have a comprehensive range. Otherwise, it is ineffective. New tech installation includes every space, including but not limited to:


  • Data center hardware
  • Factory floor terminals
  • Operational software
  • Administrative devices, such as PCs and company phones
  • Internet of Things (IoT) devices


It is an expensive undertaking to overhaul even a single plant. The upfront investment pays for itself when it reduces cyber criminals’ attack vectors to enter any manufacturing enterprise. Cyberattack costs continue to rise, making gradual enhancements a part of defense spending. Business leaders are responsible for working with CFOs and cybersecurity analysts to determine the necessary equipment and software for bolstered defenses.

2. Evaluate Supply Chain Risk Management

Supply chains are the links holding a manufacturing operation together. If factories find one supplier with cybersecurity oversights, the other links are at risk. Many have connected access to company-critical information which software hackers exfiltrate data from. It compromises critical infrastructure that impacts customers and society. Operational delays and reputations are on the line because of a third party.


Holistic and effective cybersecurity for manufacturing can only happen with collaboration and action throughout the supply chain. There are a few obstacles to overcome. The first is dedicating time and resources to auditing and communicating with third parties to develop reinforced cyber risk management. Secondly, there is the financial and time cost of implementation, which is usually habit-building and training through strategy and new equipment.


Case studies explore how technologies like microelectronics have the potential to make supply chains in manufacturing cybersecurity more resilient. Organizations will order parts while upgrading legacy systems, but a few barriers exist. Manufacturing plants are responsible for evaluating the integrity of the supply chains creating the technology they rely on to improve cybersecurity.


Additionally, 90% of the product cost occurs during design and sourcing. It makes decision-making risky. Manufacturing management is in charge of reviewing its supply chain and every other partner they interact with for optimal defenses and standardization accountability.

3. Perform Vulnerability Scans and Penetration Testing

Manufacturing cybersecurity must distinguish the importance of performing vulnerability scans alongside penetration testing. Vulnerability scans are automated, which saves analysts labor. Penetration testing requires in-depth, manual infrastructure analysis.


Industry 4.0 relies on automation to meet demand, which means incorporating more IoT systems. Sector interest caused a spike in IoT-related purchases, but the IoT has security flaws. Vulnerability scans and related testing jumped 458% for IoT tech in the last several years to mitigate industry-known security faults.


The two diagnostic activities provide business continuity improvement opportunities and budget insight to ensure teams allocate resources and money to cybersecurity enhancements with a high return on investment.

4. Execute Data Minimization

Data minimization is a buzzphrase as regulatory bodies scramble to standardize how corporations collect, use and sell information. The practice focuses on thoughtful, secure data use. Consumers are more aware than ever of how corporations manipulate data for profit, compromising the security of others outside the manufacturer.


Consumers and business partners appreciate the dedication to data management and privacy, deepening retention and brand loyalty to the manufacturer. The best practices for data minimization include:


  • Scheduling data backups to immutable devices.
  • Deleting data over a certain age, including on backup systems.
  • Reducing incoming data by collecting fewer data points.
  • Minimizing individuals who have access to data silos.


Management should question whether collecting information — like credit card information or driver’s license numbers — is necessary. Every byte is revenue. Personally identifying information data categories are the most targeted because they are fiscally and socially valuable.

5. Replace Outdated Cybersecurity Practices

Cybersecurity is a perpetually evolving focus area. It is always trying to outpace new threats and harmful techniques as tech advances faster than humans can keep up with. It is not sustainable to perform a one-time cybersecurity strategy and leave it be. Manufacturing leaders are in charge of spearheading a constant cyber defensive evolution.


For example, perimeter security is popular for asserting the gravity of strong outer defenses, like intrusion prevention systems and border routers. Manufacturers ignore prioritizing protecting what is within the perimeter if they continually focus on the walls alone. Adopting zero-trust and least-privilege frameworks assist in what perimeter security cannot accomplish — it forces authentication and validation of every access request. Thus, threats are not able to stay in a network as long.


Relying on technology to perform all the work is another failure to acknowledge the significance of manufacturing cybersecurity hygiene and training. Human error is a leading cause of cyber threats, meaning education reduces countless potential compromises.


Other outdated practices and mindsets include:


  • Believing the factory is too big or small to be a victim of an attack.
  • Changing passwords ineffectively.
  • Using old software or operating systems without updating it.
  • Ignoring data backups.
  • Providing access to integral systems as a just-in-case measure or convenience.
  • Not researching third-party security measures, such as cloud providers.
  • Reducing cybersecurity budgets and staffing.

Improving Manufacturing’s Cybersecurity Reputation

Cybersecurity for manufacturing is possible with attentiveness, initiative, and rationale. Recognizing the industry’s vulnerability is the first phase in executing a robust action plan uniting third parties, staff, and stakeholders to contribute to exhaustive digital safety.


Factories can change the threat landscape, even with hastened technological adoption and digital health training. A single manufacturing business leader can forge a higher standard by leading by example to inspire sector-wide change.