Blog

Manufacturers at Risk: The OT/IT Security Threat

Manufacturers at Risk: The OT/IT Security Threat

By supporting five of the top 20 manufacturers, Secureworks has unmatched insight into the unique cybersecurity challenges faced by companies that operate production lines. And the news isn't good. In fact, according to the most recent numbers from Gartner, manufacturers have become the top victim for ransomware attacks this past year1.

So let's take a look at what makes manufacturers a special case — and what manufacturers can do to transform cybersecurity from a business risk to a competitive advantage.

Why are Manufacturers Especially at Risk in 2023?

Several factors have led to the elevated risk manufacturers now face. These factors include:

  • Rapid innovation and digital transformation in operation technology (OT). Manufacturers have engaged in intensive modernization of their operations over the past few years. They've adopted robotics, AI/ML-enabled control systems, smart warehouses and more. These technologies significantly expand their threat surfaces. Also, in many cases, digital transformation has been implemented so aggressively that security has often been an afterthought.
  • OT/IT integration. Once upon a time, OT was almost invariably air-gapped from information technology (IT) and the broader internetworked world. This is no longer the case because the lines between IT and OT have become increasingly blurred. So in addition to having a vastly larger surface to attack, threat actors now have larger, more complex environments in which to hide as they probe for lucrative targets.
  • COVID, remote work, and cloud. Before COVID, manufacturers were generally content to lag far behind most other sectors when it came to remote work and cloud because almost everyone worked on site. COVID forced a very rapid acceleration of work from home and cloud adoption — often at the expense of security best practices.
  • Longer executive and employee tenure. People in manufacturing tend to be older and stay in their positions longer. The tenure of CFOs, for example, is 20% longer in manufacturing than in tech. The result can be impaired cybersecurity-consciousness. We've seen multiple manufacturers encounter resistance to multifactor authentication (MFA) from their executives — who, of course, are a top target for threat actors.

What Should Manufacturers Do?

Every manufacturer's environment and current security posture are different. But based on our many customer engagements, here are three key initiatives we believe every manufacturer should strongly consider implementing this quarter:

  • Understand and protect the threat surface. Most manufacturers need to significantly improve the speed and thoroughness with which they patch their ever-growing number of increasingly diverse endpoints. As noted above, many are also having trouble achieving 100% implementation of MFA. These measures, along with other endpoint controls, are essential for mitigating risk and moving towards a true zero-trust environment.
  • Get much more aggressive about detection and response. Prevention is just one part of the cyber defense equation. Detection and response are vital too. Our 2022 State the Threat Report revealed a threat actor who breaches your perimeter only needs an average of 4.5 days — and often even less — to execute a high-impact ransomware attack. You must severely limit the dwell-time you allow anyone who means to do you harm.to execute a high-impact ransomware attack. You must severely limit the dwell-time you allow anyone who means to do you harm.
  • Test, drill, and learn. The most effective cybersecurity practitioners engage in continuous improvement and make risk mitigation everyone's business. Pentesting supports continuous improvement because it allows you to safely find and fix cyberdefense gaps before someone else can exploit them. But it's also important to involve your entire organization in risk mitigation — whether you're teaching end-users how to avoid getting phished or working through a tabletop drill to make sure you communicate properly with customers, suppliers, and the media in the event of a breach.

How Secureworks Can Help

There are several reasons that Secureworks is the cybersecurity partner-of-choice for so many manufacturing companies — especially those engaged in aggressive digital transformation. These reasons include:

  • Best-in-class detection and response for manufacturers. Secureworks® Taegis™ XDR (extended detection and response) is a leading cybersecurity platform on the market for capturing and correlating telemetry from across your entire environment — including endpoints, cloud, networks, applications, OT, and directory services — to detect and identify activity indicative of a threat.

    Taegis XDR:

    • Collects a wider range of telemetry than traditional EDR
    • Is more responsive and more cost-effective than traditional SIEM
    • Provides the most powerful and reliable out-of-the-box malicious activity detectors, continuously updated based on superior threat intelligence involving 600 billion events captured daily from both manufacturers and threat activity from our global customer base
  • Relieving the staffing shortfall. Effective cyberdefense depends on AI-assisted expert vigilance 24/7/365. But given the worldwide cybersecurity talent shortage, few manufacturers can hire the SecOps staff they need for even one shift — let alone three. That's why Secureworks and our partners offer MDR (essentially value-added services built on top of Taegis XDR) that flexibly complement your in-house staff, based on your needs and budget goals.

  • A true partner for security success. In addition to delivering the critical detection-and-response capabilities you need to fully minimize intruder dwell-times, Secureworks delivers:

    • Adversarial testing
    • On-demand threat hunting services
    • Vulnerability management through Taegis VDR
    • Extended value for Microsoft E5 licensees
    • On-demand support within 90 seconds
    • Crisis management preparation
    • Ransomware readiness assessment

We all know how high the cost of inadequate security can be. One manufacturing customer told us they estimated that a ransomware incident costs about $2 million. Fraud events such as fake invoices achieved through business email compromise average about $50,000 apiece. And that's not even including production stoppages, exposure of intellectual property, and negative impacts on brand reputation.

Given today's profound concerns about supply-chain reliability, however, it's also worth bearing in mind the significant financial upsides of superior security. Our customers now report that including their Secureworks-enabled security posture in their RFPs is actually helping them drive sales and avoid discounting — because their customers are more anxious than ever about vulnerability to cyber risk.

If you'd like to learn more about how Secureworks keeps manufacturing companies like yours safe and secure, take a look at some of our manufacturing case studies. Or reach out directly for a demo.

1 Gartner's Product Leaders Insight: Embed Cybersecurity Into Your Vertical Industry Strategies, Mar 2022

Back to all Blogs

GET THE LATEST SECURITY UPDATES

Thank you for your submission.

Try Taegis Today

Request a demo to see how Taegis can reduce your risk, optimize your existing security investments, and fill your talent gaps.