Quick question: How prepared is your company for a cyberattack?
In a 2016 survey commissioned by FM Global and conducted by CFO Research Services, 59 percent of the senior financial executives that responded said their operations had been harmed by a cyberattack. Only 24 percent said they were prepared for the attack and its aftermath. Based on what we saw in 2017, their answers were likely the norm.
We have all read the reports of serious infiltrations by hackers in some of the largest and (we assumed) most well-protected companies in the world — FedEx, Honda, Maersk, just to name a few. In May, a ransomware virus (“WannaCry”) spread globally attacking PCs that weren’t protected with a patch, MS17-010. Just one month later, another, much worse form of malware called “Petya” made the rounds. This time the unfortunate companies who didn’t have a backup lost their data because the virus didn’t allow the hackers to decrypt the files once the ransom was paid. Industry folks call that a “wiper” rather than true ransomware. And by the way, the IBM sponsored Cost of Data Breach Study conducted by the Ponemon Institute found that a data breach costs a company in the U.S. $7.3 million, on average.
Of course, we also know that no matter how prepared you are, if your partners, vendors, suppliers or customers experience a significant data breach, it affects you too. According to a story in Supply Chain Dive (SCD), several of Maersk’s terminals that were affected by the Petya attack caused operations to stop or slow, globally. But, said the SCD story, “the impact on freight was not limited to port operations as the world’s largest container carrier’s booking system was also shut down due to the cyberattack. Freight forwarders and shippers, then, were also directly affected.”
That said, what steps can you take to secure your manufacturing facility and processes from a cyberattack?
For starters don’t rely on air-gapping computers. You're probably not doing this, but just in case...
Air gapping physically, electromagnetically, and electronically isolates a computer, computer system or network from other networks. Air-gapped computers cannot communicate with each other, except by physical devices — a disk, thumb drive, etc. However, this 2014 story from WIRED explains why that’s no longer true.
One expert offered this to-do list if you want to secure air gapped computers:
But really, who isn’t networked? That’s how business is done these days. How should you secure your network from potential attack?
Let’s start with some foundational principles:
Where are the natural points of ingress? What sort of data do you have that a hacker might want? Who has access to it? Should you limit that access?
The Ponemon study found that 23 percent of data breaches occur due to employee negligence/error. Do your people know who to contact and initial measures to take in the event of a data breach or attack? Have you conducted cybersecurity training across all divisions? Do you keep your employees up-to-speed on what to look for or potential threats? Teach your people how to recognize different cyber threats including phishing, malware, spoofing and systems hacking. Make sure they know to speak up if they see something unfamiliar or not quite right.
Begin with preventive controls, which protect and defend attacks from occurring. Make sure you’ve installed all your operating system’s updates, and that you update regularly. Expand to detective controls which will alert you to any breaches in your network. Finally include corrective controls to solve the crisis and mitigate further damage.
Make sure any individual or company that can access your data is aware of your cybersecurity protocols and follows them. As far as possible, partner with your suppliers to protect sensitive information or data.
I hate to say it, but the hackers are getting better at anticipating our next moves. If cybersecurity is something that's been on your company's back burner it's time to move it to the front and start cooking.