Kowatek Solar LTD
OpenAI Expands Daybreak to Help Defenders Patch Flaws
14:33
OpenAI Expands Daybreak to Help Defenders Patch Flaws
Published at Ceramics International – Upcycling copper slag into high-performance spinel-based ceramics with integrated solar absorption and storage
09:15
Published at Ceramics International – Upcycling copper slag into high-performance spinel-based ceramics with integrated solar absorption and storage
Engineers Explore Pneumatic Air Spring Actuation for 30-40 Percent Boost to Outputs of Industrial Energy and Rural Solar Farms
17:53
Engineers Explore Pneumatic Air Spring Actuation for 30-40 Percent Boost to Outputs of Industrial Energy and Rural Solar Farms
Climate fiction envisions the future of hurricanes and sea level rise » Yale Climate Connections
11:10
Climate fiction envisions the future of hurricanes and sea level rise » Yale Climate Connections
Sunshine & Heat Pumps — How Greece Does Net Zero
17:54
Sunshine & Heat Pumps — How Greece Does Net Zero
ARENA commits AU$95.4 million to extend ACAP to 2033
09:20
ARENA commits AU$95.4 million to extend ACAP to 2033
Do You Have The Right Inverter For 3 Free Hours Of Power?
09:18
Do You Have The Right Inverter For 3 Free Hours Of Power?
Enphase Energy brings microinverter tech to data centres
09:17
Enphase Energy brings microinverter tech to data centres
Ohmium and Hynfra partner on green hydrogen
09:16
Ohmium and Hynfra partner on green hydrogen
HVR Solar signs MoU for 1.2GW TOPCon cell manufacturing plant
17:54
HVR Solar signs MoU for 1.2GW TOPCon cell manufacturing plant

How to Reduce Exposure on the Manufacturing Attack Surface

Manufacture attack surface

Digitization efforts are connecting once-separated operational technology (OT) and corresponding information technology (IT) environments. This digital transformation of the factory floor has accelerated the connection of machines with digital systems and data. Computer systems that manage and monitor digital systems and data are added to the hardware and software used to manage and monitor industrial equipment and machinery, connecting OT and IT.

Such connectivity increases productivity, reduces operating costs, and speeds up processes. However, this consolidation also increased security risks for the organization, making manufacturers more vulnerable to attack. In fact, in 2022 alone, he had 2,337 breaches of manufacturing systems, 338 of which had confirmed data breaches (Verizon, 2022 DBIR report).

Ransomware: A growing threat to manufacturers

The nature of attacks has also changed. In the past, attackers have aimed for espionage and may have targeted manufacturing companies to steal intellectual property (IP) and secrets. But now, ransomware attacks and attacks with stolen credentials are much more prevalent.

Manufacturing will be the most targeted sector for ransomware attacks in 2022, with an 87% year-over-year increase in ransomware attacks. This is because manufacturers hate downtime. Or, as Verizon puts it in his 2022 Data Breach Industry Report, manufacturing is “an industry where availability equals productivity.”

Despite understanding the risks, many manufacturers are still unprepared to deal with attacks. According to the Security Scorecard, nearly half, or 48%, of the manufacturers reviewed received a C, D, or F score for security. This comes at a high price. According to IBM’s “The Cost of a Data Breach” report, the average cost of a data breach of critical infrastructure is $4.82 million.

Recent high-profile incidents, such as the ransomware attack against the Dole Company, one of the world’s largest fruit and vegetable producers, show just how devastating these attacks can be. The company was forced to temporarily close its production facilities in North America.

In August, two Luxembourg-based companies were hit with ransomware. Attackers compromised the customer portal and exfiltrated data from the system. And, of course, the infamous Colonial Pipeline incident, a prime example of a cyber-attack against critical infrastructure. These are just a few examples, there are many more.

What can manufacturers do to protect themselves?

5 Steps Manufacturers Can Take Today to Reduce Attack Surface Exposure

Mitigating the risk of cyberattacks is essential to ensuring that the factory floor continues to operate without interruption. Here are five steps manufacturers can take to mitigate cybersecurity risks.

1 — test many times

Get a real-time view of your security posture by regularly testing and assessing your organization’s network and infrastructure. Repeated testing helps identify real-world vulnerabilities that attackers can exploit. It also enables security managers to assess the effectiveness of their security controls, identify areas for improvement, and adjust their security programs and stacks. This also gives you a competitive edge by ensuring constant productivity by preventing attacks and proactively eliminating operational downtime.

Use industry-standard frameworks such as MITER ATT&CK and OWASP to reliably test the most prevalent attack types and techniques.

2 — Automate your security process

Automation makes optimal use of time and resources. Such efficiencies streamline operations and reduce the time and effort required to identify and respond to security threats. Therefore, it is recommended to automate security measures. For example, automate network testing.

Automation creates standardization, consistency, accuracy and prevents errors. As a result, you can extend and expand the scope of your security measures in a cost-effective manner. Additionally, automated systems are often easy to use, allowing control at the click of a button. This makes it easy for any user to surface risks by letting the platform do the work. When choosing automation tools and platforms, make sure your programs are secure by design. Implement a reliable solution with no downtime.

3 — Take an Adversarial Perspective

No one thinks more “manufacturer” than you, but when it comes to security, it’s time to put on the “attacker’s hat.” Hackers are looking for every possible way to exploit the network and are not waiting for a playbook to do so. Think outside the box and apply different perspectives and analytical methods. Thinking like a hacker is the greatest attack.

By taking an adversarial perspective, vulnerabilities and weaknesses can be proactively identified through attack chain validation and mitigated before they can be exploited. In the long run, putting yourself in the shoes of an attacker can help you develop better security strategies and minimize the likelihood of an attack and the extent of your explosion should an attack occur.

4 — Prioritize patching based on actual risk

Prioritizing vulnerability remediation based on business impact is the most cost-effective way To reduce risk and reduce exposure Start by patching critical vulnerabilities and threats that can have the greatest impact on business operations, based on evidence-based testing. Instead of making assumptions, examine your tests to see which security gaps create a “kill chain” that has real impact. youand proceed to repair them first.

Prioritization also helps eliminate the “noise” caused by too many security warnings. Even small businesses need to organize alerts from security tools, resulting in an unmanageable volume of alerts.

5 — Benchmark your security posture

Continuously testing your attack surface at regular and frequent intervals allows you to continuously benchmark your security posture. This helps improve security in a number of ways.

  • Measure the effectiveness of your security measures against industry standards and best practices.
  • Indicates areas for improvement as a result of a successful repair.
  • Demonstrate compliance with industry regulations and standards.
  • Gain valuable insight into your security posture and strategy to make more informed decisions.

How Automated Security Verification Helps Manufacturers

An automated security validation program provides context and accuracy in validating your organization’s attack surface. With a minimal setup that requires no agents or pre-installation, manufacturing company security and IT teams can safely challenge the full attack surface and deploy the most damaging identify security gaps. This greatly enables teams to expand their security efforts and minimize exposure to the IT-OT attack surface.

visit pentera aio Learn more about automatic security verification here.

Did you enjoy this article? Follow us twitter You can read more exclusive content we post on LinkedIn.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Address:
 091, Peace Plaza, Asaba, Delta State.
216 DBS Road, Asaba, Delta State.
Start a conversation:

Follow Us Social Media

Facebook Twitter Youtube Instagram

All Rights Reserved. Kowatek Blog by IWUCHI

Home | About Us | Disclaimer | Privacy Policy | Contact Us