Recent manufacturing crises such as the baby formula shortage and the global chip shortage demonstrate the profound impact of downtime and production issues. From the global pandemic to lockdowns in China, manufacturers are now being warned about the risk of cyberattacks from Russia.
Manufacturing is an emerging target for cyberattacks; production floors that were once protected by legacy or closed-network systems are now digitized and open to greater access—and risk. As a result of this, manufacturing organizations are starting to take a more aggressive stance on securing their informational technology (IT) and operational technology (OT) environments to ensure access to critical data and systems, but also to protect the integrity of intellectual property (IP), product parts and the software supply chain. Without these measures, manufacturers face the risk of an average data breach cost of $4.24 million—though that’s still pennies compared to the cost of unplanned downtime, which is now up to $50 billion per year.
A recent manufacturing cybersecurity survey revealed that 75% of cyberattacks result in a production outage. In 43% of the outage cases, production stopped for more than four days—to say nothing of the impact of cyberattacks on any of the downstream supply chain partners.
In response to the increased risk landscape, in 2021, federal regulators released Executive Order 14028 which urged the public sector and federal agencies to harden security and adopt MFA. The Office of Management and Budget (OMB) Memo M-22-09 followed suit in 2022, offering guidelines for the implementation of Zero Trust security and phishing-resistant MFA, in order to protect against the evolving cyberattacks on critical infrastructure and the software supply chain.
As these organizations place more emphasis on resilience and product quality in their supply chains, it’s time to up-level the manufacturing cybersecurity game and consider what practical steps can be taken to secure the IT and OT environments and all the critical points and people along the supply chain.
“Proactively securing our global supply chain was an important step as properly tested and approved products are counted on by our customers who buy and deploy them.” – Chad Lloyd, Director of Cybersecurity Architecture for Energy Management, Schneider Electric. Read the case study.
For more on how to implement phishing-resistant MFA, secure third-party access, and safeguard the supply chain, read our latest whitepaper: Protecting manufacturing with highest-assurance security.