Why cybersecurity risk is growing in construction.
The war in Ukraine is closer than you think.
Recently, the White House warned malicious attacks could be just a few keystrokes away, making it critical for local governments and businesses to close their digital doors, put their shields up, and protect people, data, and infrastructure from the disruption a cyberattack can cause.
Cybersecurity managing risk in the information age
By 2027, investments in manufacturing cybersecurity are projected to reach almost $30 billion to protect and ensure the safety of plants, machines, and organizations.
In fact, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) – a component under Department of Homeland Security control – has identified several manufacturing industries “crucial to the economic prosperity and continuity of the United States,” including manufacturing of primary metals; machinery; electrical equipment, appliances and components; and transportation equipment. A cyber attack in any of these could cause disruption at a national level and across other industries.
According to the Association of Equipment Manufacturing, no person or organization is immune to cyber security threats in manufacturing and everyone is responsible for helping prevent them. 2022 cybersecurity risks include some of the more well-known tactics like ransomware (a malicious software that locks and encrypts computer files until a ransom is paid) and phishing (enticing a reader to click a link, download an attachment, or reveal personal information).
Just as technology has become more sophisticated, so have cyberattacks.
Digital technologies in smart factory initiatives are facilitating more complex cyber threats. In a study of manufacturing industry cybersecurity, Deloitte and the Manufacturers Alliance for Productivity and Innovation (MAPI) uncovered numerous operational, financial, and strategic risks related to Operational Technologies (OT) like logic controllers, distributed control systems, embedded systems, and industrial IoT devices. Manufacturers aren’t prepared for potential cyber threats and need an enterprise program designed to identify, protect against, respond to, and recover from attacks.
Cybersecurity risk aware manufacturers use industrial control systems (ICS) to monitor and control machinery, production lines and other physical processes. To enhance business processes, capabilities, and ability to compete, today’s manufacturers are connecting their operational technology (OT) systems with their information technology (IT) systems to boost productivity and operate more efficiently. While offering many positives, they also attract cyber criminals expert in exploiting vulnerabilities to compromise ICS integrity and data.
The U.S. National Institute of Standards and Technologies National Cybersecurity Center of Excellence (NCCoe) just released a new Cybersecurity Practice Guide, entitled, Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector (Special Publication 1800-10) to help organizations detect and prevent unauthorized software installation; protect ICS networks from harmful applications; detect unauthorized use of systems; monitor network traffic; leverage malware tools; and more.
Stay in the know and help shape the conversation and solutions by joining the NCCoe’s Manufacturing community of interest, where business professionals and advisors meet monthly via teleconference to share insights, technical expertise, challenges, and more. To express your interest in joining, email manufacturing_nccoe@nist.gov. For additional insights and information about cyber threats, see Why You Need to Update Your Cybersecurity Now.
While you’re focusing on cybersecurity, let RBT CPAs give you peace of mind that your taxes, auditing, and accounting are covered. Give us a call; we’ll do the rest.