Advances in smart manufacturing are helping supply chains respond to market adversity, by providing tools for inventory visibility and better production planning. Often overlooked in the list of recent supply chain disruptions, however, is increased cybersecurity risk.
Cybersecurity threats are on the rise for manufacturers, with the industry accounting for 65% of all ransomware attacks in 2021, according to The 2022 State of Smart Manufacturing Report: Security Edition. Still, 61% of those surveyed do not have a plan in place for operational disruption. So it’s no surprise that a third of manufacturers cite cybersecurity and risk mitigation as a major threat to their growth.
By their nature, global supply chains introduce additional risk in the form of international exposure and a broader user base. Legacy software can be difficult to adapt to instances of remote access and extended capabilities. Some modern companies have adopted multi-tenant, cloud-based systems, backed by security experts that can help ensure business continuity.
The report also noted that by 2023, 75% of organizations will restructure risk and security governance to address the widespread adoption of advanced technologies. Following are five steps to implement or improve cyber security measures and preparedness for the supply chain planning process.
Identify key stakeholders, both decision-makers and system users, and gather those people who are affected by this change. Diverse perspectives will clarify the solutions needed, and the cybersecurity plan that will accompany adoption, including data inventory, privileged access management (PAM) and data lifecycle management. Questions to ask when identifying stakeholders include: Where are your information gaps? Where do you receive risks? And what are the operational challenges that you’re trying to solve?
Make the best business case for investment by highlighting increased control, efficiency and savings gained. Once you’ve demonstrated the benefits of your security upgrades, be sure to gather the requirements and include the importance of adaptability, security and risk mitigation information in your proposal. Questions to ask when developing a case for a cybersecurity investment include: What does success look like? What are the potential costs of identified risks and their mitigation? Which use cases offer the right balance of value creation and time-to-value?
Research and select the appropriate system from the multitude of options available. Research will explain the differences and narrow down to the choices that will work for you. Make sure to document proven security measures and review these questions with your key stakeholders: Will the system provide the desired results, meeting your business requirements now and in the future? Is it accessible and easy to use for your user base? And will it provide the expected cost-benefit balance?
Design and deploy the systems you selected with a system partner who can help create a roadmap for success. Once you’ve established clear expectations and a plan, you may begin deployment of improved cybersecurity measures. Some questions to consider during the deployment phase: Does the design satisfy all your requirements? Is there a timeline and achievable return on investment? Have the key stakeholders reviewed and agreed on the plan?
Manage change and drive adaption of new security measures with sponsorship, messaging and accountability. To integrate cyber security measures through smart manufacturing applications, you’ll need early adopters to lead by example, clear expectations to set all parties up for successful outcomes, and reporting that demonstrates results and identifies trouble spots. Key questions to ask as you upgrade cybersecurity measures and manage change include: Who will be your adoption champions? What is your adoption communication and messaging plan? And how will you adapt your culture through change management?
Security adoption is people-driven. Employees are integral to protecting your company, and it’s important to develop a culture of vigilance accompanied by routine reviews and inspections. Reinforce and build cybersecurity awareness through regular training, accountability, and communication. Remember to include your suppliers and stress their responsibility to protect their access points.
The growth of remote work has created benefits, including access to a wider talent pool and a more retention-friendly environment, but it’s also increased access points for cybersecurity risk. While not all roles are appropriate for remote work, there’s an increasing number of remote work-capable jobs in manufacturing, which means remote-work policies must be put into place to mitigate security risks. Providing the right education for employees will help strengthen your first line of defense. Some simple tips include e-mail and linking awareness; website browsing with responsibility; hypervigilance with calls, texts, and emails, and checking and re-checking sources.
Smart manufacturing adoption helps achieve security and risk mitigation goals, and can be simple, seamless and cost-effective. Online, score-based resources are also valuable for manufacturers looking to evaluate their own risk level and that of any vendors they use.
Global supply chains require risk mitigation and resiliency built on constant monitoring and vigilance. Monitoring cybersecurity and having a plan in place are vital to all manufacturers, regardless of their level of technology adoption.
Ben Stewart is vice president of product strategy with Plex.