CYBER SECURITY NOVEMBER/DECEMBER 2020
A HIDDEN THREAT
Manufacturing is a prime target for cyber criminals, but companies can
employ a range of methods to protect themselves and their IP
Cyber security is important in every
industry, but nowhere more so than
manufacturing, where the sheer amount
of classifi ed information companies hold
makes them extremely attractive targets
for criminals.
Modern cyber threats can take many forms,
ranging from state-sponsored espionage, to
organised criminal gangs, disgruntled third parties
and even careless company insiders making honest
mistakes. But at the end of the day, all of these
present a serious danger to data security, resulting
in serious reputational, competitive and fi nancial
consequences should a breach occur.
For manufacturers with complex supply chains,
the data of most value is their intellectual property
(IP); including proprietary formulas, designs and
patents, to name just a few. Keeping this highly
sensitive IP away from prying eyes can be critical
to a company’s long term success, which is why it’s
essential to have eff ective cyber security in place to
protect it. What follows is a series of cyber security
tips that can signifi cantly improve any company’s
security posture and help keep sensitive data safe.
1 Commit to making data protection a
top priority
When it comes to data protection, it’s amazing
how many companies talk the talk but fail to walk
the walk. Executives often like to cite worker
productivity and seamless information fl ow
as reasons for not having meaningful security
programs in place, which they think will hinder
such things. However, this is outdated thinking.
There’s a plethora of excellent
security solutions available
today that off er a great
balance between providing
the protection needed, whilst
still keeping productivity and
innovation at optimal levels.
Ultimately, no data protection
programme will get off the
ground without support at the
executive level, which is why
it’s such a fundamental fi rst
step to success.
2Take the time to identify
all key assets and where
they reside
Once a commitment to data
protection has been made,
the next step is to identify
exactly which assets need
protecting and importantly,
where they reside. All too often,
organisations have no idea
where all their valuable data
is actually stored, or who has
access, leaving it vulnerable to
theft. While it can feel like a
daunting task, it doesn’t have
to be. Start with the most
valuable IP the company has
and go from there. For example,
manufacturers would do well
to start with their proprietary
designs and formulas. Once
these have all been identifi ed
and located on the network,
move to the next organisational
function and repeat.
3Start with the basics and
add further layers of
security as needed
As soon as sensitive data
has been identifi ed, fi rst and
foremost it must all be labelled
as such. Labelling assets as
'confi dential' sounds basic, but
it’s the quickest and easiest
way to ensure anyone accessing
it immediately knows. Once
this has been done, additional
security layers can be added
as needed. From encryption
to digital rights management,
persistent document tagging to
policy-driven data protection,
there are many approaches that
can ensure data fl ows freely, but
only on a need-to-know basis,
greatly reducing the opportunity
for theft.
4Conduct regular
security training to
keep it top of mind
No matter how eff ective a
company’s security programme
BY TIM BANDOS, VP CYBERSECURITY, DIGITAL GUARDIAN
28 www.manufacturingmanagement.co.uk
/www.manufacturingmanagement.co.uk