As manufacturing companies digitally transform, they are joining their finance and healthcare counterparts as targets for ransomware. And as such, they must safeguard against escalating threats.
Last year marked a critical juncture for the manufacturing sector, which now finds itself at the epicenter of cyber threats, outpacing finance, professional services, and the energy sector for the largest distribution of cyber-attacks across the globe.
Drilling down to look specifically at ransomware attacks – those that lock up critical data until a ransom is paid – recent research from GuidePoint shows Q3 2023 had a 15% increase over Q2 2023 in attacks across industries. Unfortunately, manufacturing topped the list with 170 reported ransomware attacks in Q3, more than 50 more than the next highest industry sector. It’s gotten to the point that even the NAM Manufacturing Leadership Council has provided guidance to manufacturers to help drive education.
Not only is the increase of cyber-attacks increasing for manufacturers, so is the cost. While IBM notes that the average cost of recovering from a cyber-breach is $4.35 million, manufactures paid a higher price ($4.47M) because breaches often shut down production while the issue is fixed, resulting in further lost revenue. Talk about adding insult to injury.
See also: Ransomware Hackers Turn Aim To Midmarket Targets
Cybersecurity Vendor Landscape Complicates the Issue
As if protecting data wasn’t complex enough, the cybersecurity vendor landscape is wholly overwhelming. IT-Harvest Dashboard, the largest cybersecurity vendor database, showed more than 3,000 vendors across 17 categories in January 2023. The number is sure to have increased over the past 12 months.
For any business – manufacturers included – trying to identify and prevent a cyberattack is a monumental task that costs a fortune and often leads to redundant technology buying. The fear, uncertainty, and doubt (FUD) accompanying the cybersecurity industry has businesses duplicating purchases that oftentimes don’t increase their chances of preventing a successful breach or attack.
If global manufacturing companies like Dole, Clorox and Brunswick, which have both the financial and personnel resources to put up a good fight against ransomware attacks, continue to be successfully breached, we have to ask the question: what can we do to recover from an attack once it happens?
See also: Ransomware Could Be Headed to the IoT
Data Protection Strategies: Beyond Traditional Methods
Manufacturing companies absolutely must continue to invest in traditional cybersecurity measures such as security operations, endpoint and network offerings, and threat detection and analysis. But they should also adopt more comprehensive approaches to protect their data.
By creating backup policies that anticipate ransomware attacks, manufacturing IT professionals can access copies of data when they are needed for restoration purposes.
The ‘3-2-1 rule’ for data backup – maintaining three copies of data on two different media, with one stored off-site – is an essential best practice that’s not being sufficiently employed in the industry. According to a recent survey conducted by my organization, only 26% of manufacturing companies adhere to this rule. Because of the ease and availability of cloud storage, many businesses store data – including their backups – only in the cloud. This presents a significant problem when the cloud storage service loses data, as happened with Google Cloud in November.
This same research sheds light on the internal conflicts within manufacturing companies regarding data storage and backup. While most manufacturing respondents recognize the importance of encryption and secure backup practices, implementation lags significantly. For instance, only 36% of surveyed manufacturing organizations utilize both cloud and encrypted storage, and just over half keep backups for six months or more.
So, what should you do to protect your data? Let’s look at three strategies that are relatively easy to deploy and make an important difference to securing your assets:
- Adopting and Enforcing Encryption: Given the heightened risk of data breaches, it is imperative for manufacturing companies to enforce strict encryption policies for all data storage devices. Encrypting data prevents bad actors from stealing it, an important step in restoring data if and when it’s needed. And, remember, don’t just encrypt operational data, but also employee and customer information, too.
- Comprehensive Backup Strategies: Embracing the 3-2-1 rule is vital for ensuring data recovery in the event of a cyberattack. Additionally, exploring real-time backup solutions that automatically back up data as changes occur, as well as diversifying backup mediums, can enhance data security. And remember – if it takes an average of 277 days to identify and contain a breach, you can’t keep your backups for less than this amount of time.
- Data Hygiene Practices: Regular data management audits, establishing strong password policies, and implementing multi-factor authentication are essential steps in maintaining data integrity and security. Organizations should consider incorporating these types of practices into their security policies to ensure enforcement.
Ransomware is not an “if” situation. Unfortunately, it’s a “when” that manufacturing organizations must plan for, and that requires a shift in data resiliency strategies. While innovative cybersecurity tools and services serve an important purpose, the foundation of cyber-resilience lies in basic yet critical practices such as data encryption, diversified backups, and rigorous data hygiene. Manufacturing companies must prioritize these practices as much as they do their endpoint security or threat intelligence services to safeguard against the escalating ransomware threats in today’s digital landscape.