This guest column post, “Wie können sich Produktionsbetriebe effektiv absichern?” written by Ulf Baltin, BlackBerry Managing Director DACH, was originally published in the May 9, 2023 edition of Connect Professional. Excerpted with permission – access the original article here).
How Can Manufacturing Companies Protect Themselves Effectively?
The increasing use of connective technologies in modern manufacturing environments such as automation, IoT, and robotics in combination with old legacy systems leads to new challenges for operational resilience. With a lack of security expertise in the OT segment and the increasing risk of supply chain attacks, it's easy to see why the manufacturing sector has become a prime target for threat actors.
Nobody Should Feel Too Safe
In many places, there is a misconception that some companies are under the radar of cybercriminals. Threat actors, on the other hand, are aware of the easy targets. Manufacturing is the critical infrastructure of the economy and is becoming a focal point for attacks from hacker groups and foreign states. In addition, many experts believe that the future of warfare lies in cyberspace. So the big question is whether the critical infrastructures and industries in Germany are equipped with the technology and expertise to anticipate and prevent attacks.
Use AI to Secure Connected Endpoints
The crux of the matter: When it comes to cyber attacks, there is no immunity. Across all sectors, the attack surface is widening with the proliferation of connected endpoints and the continued migration to digital technologies. Meanwhile, attack methods such as ransomware-as-a-service are targeting a wide variety of companies with ever-changing business models. In fact, the manufacturing industry was the target of ransomware attacks more often than the finance and insurance industries, in the last quarter for the first time in five years.
The Blackberry Global Threat Intelligence Report also shows that vulnerabilities in the digital supply chain are becoming a growing concern. Third-party dependency leads to greater vulnerability, as production environments have limited control over the deployed software — including the risk of compromise. Attackers take advantage of the fact that OT and IoT professionals still have different approaches. Compounding the situation is that younger workers are unfamiliar with older technologies, operating systems, and practices, and there is a widespread shortage of security professionals.
Given the speed and sophistication of cybercriminals, we must leverage artificial intelligence (AI) and machine learning to predict and prevent attacks. Actors who rely on outdated approaches to security based on already known attacks will have to reckon with successful hacks. The chaos that data hacks, malware programs, and ransomware wreak on companies can have a lasting impact on a company's profitability. Instead, a pre-emptive approach stops threat actors at the cusp, using artificial intelligence (AI)-based machine learning models to spot a threat before it executes and before it's known.
Research from Blackberry also shows that the vast majority (79 percent) of IT decision-makers in Germany plan to invest in AI-driven cybersecurity over the next two years. Almost half (42 percent) are still considering an investment in 2023. The majority of companies are already reacting to the actions of cybercriminals, which are becoming ever faster and more cunning.
Preparation is Key
In our experience, most problems lie in insufficient preparation. For example, a company is vulnerable to attacks if it still relies on legacy, signature-based antivirus protection. Businesses need a clear view of the wide range of systems that provide access points to corporate data and networks. Current software for Endpoint Detection and Response must be installed there.
Businesses also need access to experienced professionals who can quickly contain damage and restore operations. If you don't have your own specialists, you should know who to turn to for help if you need it and have a clear process at hand in case of an emergency. In this way, it is possible to effectively prevent the operative business, the image, and the entire business model of an industrial company from being damaged in the event of an attack.
Read the full article and explore relevant topics in Connect Professional here.
For similar articles and news delivered straight to your inbox, subscribe to the BlackBerry Blog.
Related Reading
