Risk vs. Reward: Cybersecurity in Modern Manufacturing Environments


The technology advancements available to modern manufacturers have been welcomed by the industry with open arms because of their ability to lower costs while increasing quality and efficiency.  Unfortunately, like many things of value, they come at a steep price: increased cyber risk.

A recent report conducted by Deloitte and MAPI (Manufacturers Alliance for Productivity and Innovation) studied how manufacturing’s increasing reliance on connected products, while part of a positive move towards modernization, has also made companies more vulnerable to cyber risk. The study, aptly titled “Cyber Risk in Advanced Manufacturing,” focuses on six emerging themes that highlight these growing risks. The survey results are from 260 manufacturing executives, 35 who were interviewed live and 225 who participated in an online survey.

The following is a summary of the six themes analyzed in this report:

Executive and board-level engagement:  The study found that although IT security professionals may be expressing concern unless a major breach has occurred, the subject of cyber risk is failing to find its way to the boardroom. For instance, C-level executives and the board are getting only yearly reports on their cybersecurity status, often without receiving quarterly updates. This means when it’s time to allocate budget, cybersecurity isn’t top of mind. To illustrate, the study found that one-third of respondents had either decreased their cybersecurity budget or it remained flat over the previous year, and two-thirds said security gets only from three to 10 percent of their annual IT spend.

Talent and human capital: Respondents stated that four of the top 10 cyber threats they face involve company employees and include phishing and pharming attacks, intentional abuse of IT systems, errors and omissions and mobile device vulnerability. Most participants recognized the importance of cybersecurity and a shortage of qualified IT personnel, however, 40 percent stated that their CISO doesn’t report to either the CEO or the CIO.  In fact, ownership over cyber risk is often fragmented across different departments, leaving CISOs with limited visibility and impeding their ability to influence policies and risk management strategies.

Intellectual property (IP): More than a third of respondents felt that IP theft was the main reason they might be targeted, yet many of them hadn’t initiated data loss prevention (DLP) programs.  Adding to this situation, in 42 percent of companies, data loss prevention was the responsibility of someone other than the CISO or the CIO. In many cases, it was assigned to the head of R&D or even the head of manufacturing.

Industrial control systems (ICS): The study revealed weaknesses in ICS security with two-thirds of participants reporting they rely solely on internally-conducted cyber risk assessments. Also, although many companies had isolated their networks from outside connections, an approach called “air-gapping,” the study observed that this can have negative consequences because some outside connections can remain intact but not visible. This approach can also limit access to technology that could improve efficiency and lower costs.

Connected products:  Close to half the companies surveyed have mobile apps associated with their connected products and 52 percent stated that these products are able to store and transmit confidential data. Yet, 40 percent do not incorporate these products within the company’s broader incident response plan – creating vulnerabilities requiring a more holistic approach.

Industrial ecosystem: While clients and customers have an expectation that manufacturers will ensure a modern digital environment that’s secure, many of those surveyed are only beginning to assess the cyber risks involved in third-party engagements, including subcontractors, supply chain and other critical partners. In addition, the vast majority (84 percent) are addressing these risks via the contract process alone, with 81 percent using confidentiality or non-disclosure agreements to address third-party cyber risk issues.

How CrowdStrike protects modern manufacturing environments

This survey concludes by suggesting steps manufacturers can take to ensure cybersecurity readiness as they continue to deploy advanced technology. Their recommendations can be summarized as follows: be secure, be vigilant and be resilient. Adherence to these principles is also at the core of CrowdStrike’s approach to endpoint protection. The CrowdStrike Falcon® platform is the only solution that unites next-gen antivirus (AV), which includes machine learning and behavioral analytics, with endpoint detection and response (EDR), and managed hunting in one lightweight, cloud-delivered agent that protects endpoints both online and offline.

A published case study of a CrowdStrike® manufacturing customer illustrates how the Falcon platform protects a modern manufacturing environment. This manufacturer maintains a large, globally distributed network with over 50,000 macOS and Windows endpoints. It had been securing its widely dispersed organization with multiple point solutions that had disparate functionality and required separate management interfaces. The manufacturing industry prides itself on its ability to integrate processes, and the customer wanted to apply those same principles by ensuring an integrated, streamlined approach to security that would reduce risk, improve security and allow coordination among teams so they could respond to issues promptly.

They deployed the CrowdStrike Falcon platform and experienced the security, vigilance and resilience recommended in the study:

  • Security: The customer quickly began to detect advanced attacks targeting its environment, some using malware-free techniques that their existing AV tool had missed. This eliminates “silent failure,” which occurs when infections evade detection and establish persistence.
  • Vigilance: The manufacturer achieved complete endpoint visibility across a complex global enterprise in real-time, improving workflow between the SOC, IR and forensics teams.
  • Resilience: The Falcon OverWatch™ managed hunting team provided 24/7 protection with dedicated security experts proactively searching for threats in the customer’s environment, augmenting the manufacturer’s internal security teams and instantly improving its security posture.

CrowdStrike delivered comprehensive endpoint protection across both macOS and Windows endpoints via a single unified management interface, securing the customer’s globally dispersed environment. This comprehensive protection ensures a more secure manufacturing environment —  one that protects the company’s valuable IP assets while eliminating disruptions that impede productivity.

Read the entire case study:  CrowdStrike Manufacturing Case Study

CrowdStrike Falcon Free Trial

Try CrowdStrike Free for 15 Days Get Started with A Free Trial