Multiple Cyber Security Problems For Manufacturers 

Uploaded on 2025-02-01 in FREE TO VIEW, BUSINESS-Production-Manufacturing

Manufacturing was the sector most exposed to cybersecurity threats for every one of the past three years, according to a 2024 report by the World Economic Forum. The report estimated the average cost of an attack at $4.73m with costs rising by 125% each year. 

While security threats continue to rise, so does pressure on costs. Meanwhile, IT operations are becoming more complex as sprawling and fragmented networks pose a growing operational management challenge.

These issues are closely related. Complexity is a drain on costs and skills. Poorly integrated hybrid networks are also harder to secure. Manufacturers recognise that modernising the network and converging networking and security operations will produce performance, cost and security benefits, but keeping the show on the road is consuming their budgets.

This is the picture that emerges from a survey of manufacturers by Gatepoint Research published last November. Manufacturers in the survey have highly distributed networks covering multiple sites, devices, users and partners, making them an easy target for internal attackers, supply chain threats and ransomware. 42% have between 26 and 100 sites with 12% of respondents operating more than 100 sites.

The report reveals that while many in the sector are moving to adopt cloud and hybrid environments, a majority (78%) still operate in mixed data environments, reflecting the unique demands of manufacturing and the prevalence of legacy systems. This creates both opportunities and challenges for implementing solutions that can support multi-cloud and hybrid datacenter setups, secure connectivity across locations, and improved observability into network performance and security. 

Manufacturers recognise where they need to get to but are getting there slowly. 

Converging network and security operations is a top priority for 38% of respondents, but far fewer (22%) have adopted the converged solutions that would make this possible, while 28% are deferring a decision for at least 12 months and 32% have no current plans.
  
Lauridsen Group International (LGI) illustrates how the path to better security starts with network modernisation. Lauridsen comprises six companies making health and nutrition products across 60 locations and 20 countries.
In 2022 the company replaced its mixed SD-WAN and MPLS networking environment with a managed SD-WAN service.

This resulted in immediate operational improvements, reducing the need to deal with multiple vendors for last-mile connectivity services while improving network performance and reliability. 

The next step two years later was adoption of Aryaka’s Unified SASE as a Service to replace a managed Check Point virtual firewall. This enabled LGI to converge networking and security while reducing the number of vendors it needed to manage. It also gave the IT team granular control over user access from all levels of the network, creating tailored rules for anyone interacting with their network.

The LGI example illustrates that progress is fastest when the journey is broken down into manageable steps: 

  • Conduct an audit of security and access needs: Start by evaluating each facility’s security requirements and remote access demands. This will allow you to prioritise the most impactful upgrades.
  • Simplify management via SD-WAN and NGFW: SD-WAN and NGFW work hand in hand to simplify connectivity and security. This combination allows for more efficient policy management, thus enabling uniform security across locations. The move to NGFW also produces tangible operational and cost benefits as it enables consolidation of outdated security appliances. 
  •  Work with partners to secure the supply chain: By ensuring that partners adhere to the same security standards, manufacturers can mitigate the risks posed by external threats. 
  • Monitor supply chain network traffic: By extending network visibility into the supply chain, manufacturers can track and monitor data flows, identify abnormal activities, and detect potential vulnerabilities before they become major threats.
  • Adopt a zero trust architecture: Zero trust principles, which ensure that every user and device is continually authenticated and validated, can be extended to third-party connections. Manufacturers should treat every connection with a third-party vendor as a potential threat, ensuring comprehensive verification before granting access to sensitive systems.

The Gatepoint report clearly shows that manufacturers are prioritising improved security but failing to tackle the network infrastructure issues that stand in the way of progress. It concludes that they can break this deadlock by investing in visibility solutions that enable better identification of risks; adopting managed security services to reduce the burden on internal IT teams; securing applications at the network edge to overcome the challenges of hybrid environments; and converging network and security operations whether through consolidation of operations or improved collaboration between teams. 

Manufacturers have compelling reasons to modernise their networks and improve their security posture. Some are now beginning to join the dots and recognise that tackling these issues together using converged networking and security technology is not only possible but optimal. 

Renuka Nadkarni is Chief Product Officer at Aryaka

Image: Ideogram

You Might Also Read:

The Industries Facing The Biggest Cyber Threats:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Securing Critical Infrastructure From Nation-State Threats  

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Lastline

Lastline

Lastline is the leader in advanced malware protection.

Ikerlan

Ikerlan

Ikerlan is an R&D technology centre specialising in areas including embedded systems, industrial automation and industrial cybersecurity.

Quorum Cyber

Quorum Cyber

Quorum Cyber offer end-to-end cyber security solutions, specialising in Managed Security Services, Consulting and Resourcing.

AllegisCyber Capital

AllegisCyber Capital

AllegisCyber is an investment company with a focus on seed and early stage investing in cybersecurity and its applications in emerging technology markets.

CyberForce Program - US Department of Energy

CyberForce Program - US Department of Energy

The Department of Energy’s (DOE) CyberForce Program is a workforce development program that seeks to inspire and develop the next generation of cyber defenders for the energy sector.

CRYPTTECH

CRYPTTECH

CRYPTTECH specializes in Information Security and Intelligence, Risk Evaluation and Vulnerability Recognition against Cyber-Attacks and APTs.

IUCC Cyber Unit - Israel

IUCC Cyber Unit - Israel

IUCC Cyber Unit safeguards Israel’s National Research & Education Network (NREN).

InterVision

InterVision

InterVision is a leading Strategic Services Provider, assisting businesses in driving value and gaining a competitive edge by helping IT Leaders solve the most crucial challenges they face.

Centre for Cyber Security Belgium (CCB)

Centre for Cyber Security Belgium (CCB)

The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.

Onclave Networks

Onclave Networks

Onclave Networks is a global cybersecurity leader, transforming the future of securing all IT/OT devices and systems.

Across Verticals

Across Verticals

Across Verticals is a boutique cyber security consulting firm that specializes in holistic, deeply technical and end to end cyber security advisory services based on industry best practices.

Sendmarc

Sendmarc

Sendmarc automates the process of protecting your domain from being used in email impersonation and phishing attacks.

Segra

Segra

Segra owns and operates one of the nation’s largest fiber networks and provides best-in-class broadband and data security solutions throughout the Southeast and Mid-Atlantic.

Orchestrate Technologies

Orchestrate Technologies

Orchestrate Technologies provides computer network and IT managed services for small and mid-market clients as well as small enterprise businesses.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.