By Stuart Facey, VP EMEA, Bomgar.
Manufacturing is going through a technological resurgence that is transforming the modern factory. Today we are seeing data-driven factories, with an unstoppable integration of connected systems and devices.
Gartner predicts that 25 billion Internet-connected things will be in operation by 2020 with close to $2 trillion of economic benefit globally, and the integration of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems into the IoT is proving its potential in improving efficiencies, innovation and profitability.
However, this increased connectivity is also opening up entry routes for cyber criminals, leaving manufacturers open and vulnerable to a multitude of exploits and unauthorised access attempts. This is further complicated by the increasingly complex network of third parties across the supply chain that are employed to manage many aspects of manufacturers' operations, with some manufacturers having several hundred external parties accessing their systems in a typical week, according to Bomgar's 2017 Secure Access Threat Report. In addition, more than half of the respondents to the report said they had sole responsibility for managing third-party access into their infrastructure, and one in five admit to offering three or more access routes to their vendors, making an already big job even more challenging.
IBM's 2016 security intelligence survey revealed that manufacturing is now one of the most frequently attacked industries, second only to healthcare. In addition to the increased risk of attack via third parties, Bomgar's report revealed that insiders, such as employees or contractors, also pose a significant threat to security. The survey found that 67 percent of IT professionals believe an insider data breach is the primary security threat for them, and a further 73 percent were also concerned that they could lose sensitive company information within the next 12 months.
The race to connect devices and transform processes and procedures offers many competitive advantages to manufacturing organisations. However, the security stance should not be compromised and must therefore be incorporated in projects from the outset. The detrimental impact a breach could have on the public, as well as on an organisation's reputation, far outweighs the benefits that can be achieved.
It only takes one employee or one third party to leave an organisation vulnerable, and with the continuation of high-profile data breaches, many of which are caused by compromised privileged access and credentials, it's crucial that organisations control, manage, and monitor all access to their environments to mitigate this risk.
Adding to this, all manufacturers are under immense pressure to have effective security and breach response capabilities in place ahead of the 2018 EU General Data Protection Regulation (GDPR) deadline. The EU GDPR brings consistency to the current data protection laws across EU member states and provides guidance on how any EU citizen data should be stored as well as how companies must respond in the event of a data breach. In the short term it is key to minimise some of the more common security weak points, such as password sharing and poor employee on- and off-boarding strategies, to support ongoing GDPR initiatives.
Security must therefore be built into the ethos of any organisation and its projects, where workforce training, regular security assessments and specific policies and procedures are included and understood by the whole organisation.
With the variety of hacking strategies combined with the integration of modern solutions such as the IoT and complex interconnected networks of suppliers, it is paramount that controls are put in place to manage and audit all access, including all insider and third-party access, both to complex systems such as server-based environments and to less complex devices such as routers and switches.
There are a few core steps the industry can take to securely manage access:
- First, verify that employees and third-party vendors are who they say they are when requesting access to the network. Once confirmed, centrally manage all privileged accounts using an enterprise password vault so that passwords do not need to be in the public domain, written down, shared or stored in multiple places and systems.
- Next, implement an access solution where credential injection functionality is available, so that passwords cannot be accessed or seen by users while they can still gain secure, instant access to the systems they need. Using a privileged access or privileged session tool also enables organisations to granularly control where users can go, what they can access and when.
- Finally, ensure that all access is audited and recorded. If a breach does occur, this will support tracing it to an entry point and provide a record of what may have been compromised. With GDPR regulations requiring organisations to quickly notify the relevant regulator if they have been impacted by a data breach, solutions that support these features will be a must-have.
Manufacturers need to encourage the integration of multiple best-in-breed tools together with privileged session and privileged access management solutions as part of a robust security ecosystem. These include detection tools, SIEM solutions, network segmentation and employee awareness initiatives to ensure they protect themselves from attacks through their connected devices whilst maximising the benefits available.
By implementing secure remote access, architecture and controls, manufacturers can prevent breaches and protect themselves from corporate and reputational damage, ensuring innovation can prosper and regulations are met.