In the midst of the fourth industrial revolution, manufacturers are at the forefront of technological progress, revamping traditional production lines with cutting-edge smart technology such as AI and the IoT. These innovations are empowering companies to adapt to evolving client demands, accelerate product launches, and proactively address supply chain challenges. However, it's crucial to acknowledge that these advancements come with their own set of vulnerabilities.
Insights from Industry Leaders: Understanding the Impact of Cyber Threats
Prominent figures from the cybersecurity and technology sectors came together to discuss the dynamic landscape of cyber threats and the significance of taking proactive measures. The panel featured Melissa Cromack, former VP of Member Relations at AIM; Jeff Lauria, Chief Information Security Officer at iCorps Technologies; Sarah Haig Baker, COO & Co-founder of Silverside Detectors Inc.; and David Sun, former Principal at Cliffton, Larson, Allen, LLP.
The speakers delved into critical statistics and real-world examples to illustrate cyber threats' pervasive and damaging nature. One striking point raised during the webinar was the significant financial impact of a data breach, with the average cost of a breach in the United States reaching $9 million, according to a study by IBM. Furthermore, the discussion highlighted the alarming time frame between initiating and resolving a breach, which averages 280 days globally. This extended period provides threat actors ample time to inflict significant damage to an organization.
Ransomware Evolution and Best Practices in Cybersecurity Collaboration
A particularly noteworthy aspect addressed was the evolving nature of ransomware attacks. A misconception was highlighted, with many business leaders viewing ransomware as a mere business interruption problem. However, the reality is far more insidious, as cybercriminals have adapted their tactics to include data exfiltration and threats of public exposure, aiming to maximize their leverage and coercive power. This shift in approach has significant implications for impacted organizations, extending the recovery process and elevating the potential consequences beyond mere financial demands.
The webinar also emphasized the importance of industry-wide collaboration and best practices in cybersecurity. Jeff Lauria underscored the significance of adhering to recognized frameworks such as the National Institute of Standards and Technology (NIST), advocating for a measured and systematic approach to cybersecurity. Furthermore, he emphasized the need for continuous investment in cybersecurity, recommending that 15-20% of the IT budget should be allocated to cybersecurity measures.
Sarah Haig Baker shared practical insights gleaned from her company's journey towards improving cybersecurity measures. She highlighted the necessity of compliance with evolving regulatory standards and the ongoing nature of cybersecurity efforts. The panel also touched on the critical role of third-party vendors and the need for robust cybersecurity measures across the entire supply chain.
6 Key Recommendations to Enhance Security Posture:
-
Trusted Process (API / Integration) Automation - Implement a trusted process for API and integration automation, alongside regular certification assessments for APIs. It is also crucial to reauthenticate keys annually and limit access through virtual location and data monitoring.
-
Cyber-Physical Systems (CPS) - It's vital to patch all subsystems regularly, limit access between systems using pull versus push notifications, and thoroughly understand the data flow between the systems.
-
Internet of Things (IoT) Devices - Quarantine devices behind a DNS firewall to enhance security. Additionally, limiting connectivity and patching devices regularly are essential practices to ensure a safe and secure IoT environment.
-
Cloud Computing: Everyday Computing and Threats - Embracing cloud computing has become essential for modern businesses, and Microsoft 365 and Google Workspace stand out as top choices for everyday computing needs. Additionally, integrating company sites and customer relationship management systems (CRM) into the cloud environment can further streamline operations and enhance overall productivity.
-
Cognitive Computing - It's crucial to leverage cognitive computing to restrict access, safeguard the integrity of data, and maturely map data flow for robust information security and management.
-
Artificial Intelligence - When implementing Artificial Intelligence systems, it's essential to limit functionality on an as-needed basis and ensure controls are in place to prevent out-of-function use. This helps to maintain security and prevents unauthorized access to the AI system.
Strategic Imperative: Prioritizing Cybersecurity in the Construction Industry
As cyber threats continue to evolve and pose significant financial and operational risks, construction industry CEOs must prioritize cybersecurity and allocate the necessary resources to protect their organizations from potential breaches and data theft. Cybersecurity is not merely an IT concern—it is a strategic imperative that demands attention and investment at the highest levels of corporate leadership. By integrating cybersecurity into the fabric of your organization and fostering a culture of vigilance and preparedness, you can safeguard your company's assets, reputation, and future success.
If you're a part of the manufacturing industry and seeking to enhance your cybersecurity, governance, or IT compliance strategies, our team of security experts at iCorps is here to provide you with valuable assistance. Contact us for a complimentary consultation to elevate your approach to securing your manufacturing company.