Multiple Cyber Security Problems For Manufacturers 

Uploaded on 2025-02-01 in FREE TO VIEW, BUSINESS-Production-Manufacturing

Manufacturing was the sector most exposed to cybersecurity threats for every one of the past three years, according to a 2024 report by the World Economic Forum. The report estimated the average cost of an attack at $4.73m with costs rising by 125% each year. 

While security threats continue to rise, so does pressure on costs. Meanwhile, IT operations are becoming more complex as sprawling and fragmented networks pose a growing operational management challenge.

These issues are closely related. Complexity is a drain on costs and skills. Poorly integrated hybrid networks are also harder to secure. Manufacturers recognise that modernising the network and converging networking and security operations will produce performance, cost and security benefits, but keeping the show on the road is consuming their budgets.

This is the picture that emerges from a survey of manufacturers by Gatepoint Research published last November. Manufacturers in the survey have highly distributed networks covering multiple sites, devices, users and partners, making them an easy target for internal attackers, supply chain threats and ransomware. 42% have between 26 and 100 sites with 12% of respondents operating more than 100 sites.

The report reveals that while many in the sector are moving to adopt cloud and hybrid environments, a majority (78%) still operate in mixed data environments, reflecting the unique demands of manufacturing and the prevalence of legacy systems. This creates both opportunities and challenges for implementing solutions that can support multi-cloud and hybrid datacenter setups, secure connectivity across locations, and improved observability into network performance and security. 

Manufacturers recognise where they need to get to but are getting there slowly. 

Converging network and security operations is a top priority for 38% of respondents, but far fewer (22%) have adopted the converged solutions that would make this possible, while 28% are deferring a decision for at least 12 months and 32% have no current plans.
  
Lauridsen Group International (LGI) illustrates how the path to better security starts with network modernisation. Lauridsen comprises six companies making health and nutrition products across 60 locations and 20 countries.
In 2022 the company replaced its mixed SD-WAN and MPLS networking environment with a managed SD-WAN service.

This resulted in immediate operational improvements, reducing the need to deal with multiple vendors for last-mile connectivity services while improving network performance and reliability. 

The next step two years later was adoption of Aryaka’s Unified SASE as a Service to replace a managed Check Point virtual firewall. This enabled LGI to converge networking and security while reducing the number of vendors it needed to manage. It also gave the IT team granular control over user access from all levels of the network, creating tailored rules for anyone interacting with their network.

The LGI example illustrates that progress is fastest when the journey is broken down into manageable steps: 

  • Conduct an audit of security and access needs: Start by evaluating each facility’s security requirements and remote access demands. This will allow you to prioritise the most impactful upgrades.
  • Simplify management via SD-WAN and NGFW: SD-WAN and NGFW work hand in hand to simplify connectivity and security. This combination allows for more efficient policy management, thus enabling uniform security across locations. The move to NGFW also produces tangible operational and cost benefits as it enables consolidation of outdated security appliances. 
  •  Work with partners to secure the supply chain: By ensuring that partners adhere to the same security standards, manufacturers can mitigate the risks posed by external threats. 
  • Monitor supply chain network traffic: By extending network visibility into the supply chain, manufacturers can track and monitor data flows, identify abnormal activities, and detect potential vulnerabilities before they become major threats.
  • Adopt a zero trust architecture: Zero trust principles, which ensure that every user and device is continually authenticated and validated, can be extended to third-party connections. Manufacturers should treat every connection with a third-party vendor as a potential threat, ensuring comprehensive verification before granting access to sensitive systems.

The Gatepoint report clearly shows that manufacturers are prioritising improved security but failing to tackle the network infrastructure issues that stand in the way of progress. It concludes that they can break this deadlock by investing in visibility solutions that enable better identification of risks; adopting managed security services to reduce the burden on internal IT teams; securing applications at the network edge to overcome the challenges of hybrid environments; and converging network and security operations whether through consolidation of operations or improved collaboration between teams. 

Manufacturers have compelling reasons to modernise their networks and improve their security posture. Some are now beginning to join the dots and recognise that tackling these issues together using converged networking and security technology is not only possible but optimal. 

Renuka Nadkarni is Chief Product Officer at Aryaka

Image: Ideogram

You Might Also Read:

The Industries Facing The Biggest Cyber Threats:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Securing Critical Infrastructure From Nation-State Threats  

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Conference-Service

Conference-Service

Conference-Service provides a categorised calendar of conferences and events, including Information Security & Privacy.

Synack

Synack

Synack provides a hacker-powered intelligence platform that uncovers security vulnerabilities that often remain undetected by traditional pen testers and scanners.

G DATA CyberDefense

G DATA CyberDefense

G Data developed the world's first antivirus software. We now ensure the security of small, large and medium-sized companies all over the world.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

CyberCareers.gov

CyberCareers.gov

CyberCareers.gov is a platform for Cybersecurity Job Seekers, Federal Hiring Managers and Supervisors, Current Federal Cybersecurity Employees, Students and Universities.

Capsule8

Capsule8

Capsule8 is the only company providing high-performance attack protection for Linux production environments.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

Digital Beachhead

Digital Beachhead

Digital Beachhead has the expertise to provide a range of Cyber Risk Management and other Professional Services with specifically tailored solutions at competitive prices.

Kintent

Kintent

With Kintent, compliance becomes a habit, is simple to understand and achieve, and is continuously testable so that your customers can see that you are adhering to all your trust obligations.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

Devolutions

Devolutions

Devolutions make best-in-class Privileged Access Management, Password Management, and Remote Connection Management solutions available to ALL organizations — including SMBs.

Protexxa

Protexxa

Protexxa is a B2B SaaS cybersecurity platform that leverages Artificial Intelligence to rapidly identify, evaluate, predict, and resolve cyber issues for employees.

OneZero Solutions

OneZero Solutions

OneZero specialize in cybersecurity operations, information assurance, computer network operations, solutions engineering, and project management.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.