With the advancement of digitization and the industrial internet of things (IIoT), industrial environments are increasingly interconnected and remotely accessible. Historically, this hasn’t been the case, and manufacturers haven’t had to focus on cybersecurity. However, with these advancements, these previously inaccessible industrial control systems are now accessible and often unsecured, and attackers are all too happy to target these vulnerable access points. And it shows: manufacturing is now the second-most targeted industry for cyberattacks, with the largest average ransomware payout. The costs of an attack also extend beyond a potential ransomware payout; organizations face the possible theft and exposure of sensitive data and intellectual property, as well as production downtime that cripples production capacity and directly impacts revenue, at an average cost of $100,000 per hour.
How are these attacks happening? Unfortunately, third party partners are the most common entry point attackers use, with 63% of breaches attributed to third parties. These third parties and contractors are granted permission to industrial control systems to provide timely support and ongoing maintenance, leaving unsecured manufacturing networks susceptible to attackers. The proliferation of IIoT and industrial remote access to manufacturing devices also provide hackers with potential entryways into unprotected manufacturing systems.
Industrial remote access for third parties is often handled locally on a site-by-site basis with a variety of solutions (often whatever is easiest) such as unsecured desktop sharing tools and unmonitored VPNs. While these solutions facilitate remote access, it’s often at the sacrifice of cybersecurity, leaving manufacturing organizations without the centralized oversight, visibility and control they need over the access of their third parties across their global sites.
With cyberattacks on manufacturing plants and industrial machines on the rise, you cannot ignore the cybersecurity risks associated with your third parties and supply chain. And considering the increasing costs associated with these attacks, you cannot afford to neglect fully securing any remote access to your industrial environment.
More third-party vendors are accessing manufacturing devices, applications, and systems to optimize productivity. But this interconnectivity can come at a cost if not properly secured. Learn more about the cost of a manufacturing cyberattack and how to proactively protect your company from the fallout of a data breach in your supply chain.