Do you know your vulnerabilities?
The amount of connectivity in today’s manufacturing environment means more attack surface – or vulnerabilities – for cyber threats to latch on to. Securing your production means looking beyond defense in depth strategies and addressing cyber risk across the attack continuum. But how?
- Following the NIST cybersecurity framework is a good place to start.
- Identify what you have (asset inventory) and the associated risks.
- Leverage protective mechanisms like patching, tracking and access control to help protect what you have.
- Detect anomalies and events which bypass those protection mechanisms.
- Implement response capabilities.
- Develop a system to support rapid backup and recovery.
Successfully implementing these basic cyber hygiene tenets is the first step in building an effective cybersecurity program and improving your ability to defend against future cyberattacks.
How are you dealing with obsolescence?
There will be vulnerabilities. There will be obsolescence. And updates aren’t as easy as simply replacing hardware or applying a patch. You need to be mindful of the regulations and environment you’re in.
Consider the following when evaluating the risks of maintaining hardware or software:
- What is the impact of someone exploiting this vulnerability?
- Is there a way to address this vulnerability by applying an alternative mitigating control?
- If not, can you justify migrating to a supported platform/solution/product for this application?
There’s no one right answer. Depending on the controls and prevention mechanisms you have in place, you may choose to continue to produce or run a batch as-is because you feel protected and your risk mitigated. But asking these questions before an incident, understanding your security posture, and having proper documentation and controls in place, will help you be more confident in your decisions.
Can you quickly and clearly define your strategy and know how you’ll respond to a cyberattack? The best prepared organizations create a culture of operations and IT working together to answer those questions. Make sure teams collaborate well, driving issues through resolution. How would you engage them? What tools are available and are new ones needed?
Together, you should complete regular assessments that measure and manage risk. If you feel confident that you’ve covered the five NIST pillars, you may be good. But really challenge yourself as a team to dig deeper into this framework and put your organization to the test.
We often suggest running a tabletop exercise, a meeting to simulate an event. Play out in real time how you’d respond and recover after detecting an event. This kind of concrete drill will help expose any gaps in your program.
Are you ready to think differently?
Cybersecurity isn’t a set-it-and-forget-it discipline. You should continually seek to understand your exposure, risk and preparedness. Challenge your organization to identify what’s changing, both internally and externally. What can you do differently? Where do you need help?
Those that succeed in creating a solid cyber hygiene foundation aren’t just buying tools and technology. They’re addressing the human and organizational aspect of creating a culture of change. One where operations, IT and management embrace security as part of their everyday jobs and where workers know how they contribute to the end goal.
With so much at stake, frequent attention to these questions can have a big impact on securing your operations and helping to protect the bottom line.