Data Security Considerations for Manufacturing Companies

October 16, 2018

Data and cybersecurity is becoming an increased focus in business, especially in manufacturing. Your company needs to take steps to secure against hackers and other potential threats to ensure your product and people are safeguarded.

Are you aware of what threats exist and how your company can defend against them? As technology and AI become increasingly refined and advanced, you need to stay abreast in offensive tactics to protect your people and company. As your field is ever-changing, so are the tactics of hackers.

Data Security and Manufacturing Risks

Many manufacturing companies are increasingly using automation and AI to perform common workplace jobs. The potential increase of these capabilities in the future could put your business at greater inherent risk, as cybersecurity attacks could use weaknesses in your systems as a vantage point for accessing your information. A slight change in your product lifecycle management or manufacturing execution could have huge impacts to your business, putting your workers and data at risk.

Not holistically considering all the risks and impacts that emerging technology might have on your organization is another one of the greatest risks. While reacting to certain existing risks that might have gained media attention, you must also consider uncommon threats or even those your company may have addressed some time ago. Common threat areas include lack of formalized security governance, outdated control processes, and outdated technology, which can all put your business at risk of a cyber-attack.

Emerging technologies present exciting opportunities for business, but in order to adopt new emerging technologies you must also consider new threats. Process automation, internet of things, AI, and blockchain – all of these new areas of your company need to be vetted against security standards to ensure your data safety.  Consider the confidentiality of data within your internal networks and any business devices that connect to manufacturing equipment in conjunction with the information shared with third party providers.

Take Action

Securing your sensitive data should be your top cybersecurity priority. What are your greatest risks? Create a comprehensive program for risks to the company and be prepared to react accordingly. Take an inventory of your risk footprint – your overall cyber risk. Be sure to take the following actions into consideration:

Design, implement, and maintain. While you may have secured your data, you should also have an action plan for if your company ever were to get hacked. Ensure your company has employees who specialize in cyber and data security, or that you have contracts with qualified companies, in order to strengthen your security.

Prevent, detect and respond. It’s not “if,” it’s “when.” To control the costs and minimize the scope of a security breach, have a realistic plan in place and know the costs associated with ceasing and responding to a hack.  Ensure you stop the hack as soon as possible and notify those who are affected. An organized incident response program will help your company know what to do when it is time for action. With the right defenses, you will have better success in managing a cyber-attack in a timely manner, but it is in your best interest to have a plan for when that time comes.


About the Author
Steve Ursillo, CPA, CISA, CISSP, CCSFP, Partner, serves as National Leader of Information Assurance and Cybersecurity for Cherry Bekaert LLP. He specializes in risk management, internal control over financial reporting, information system security, privacy, cyber fraud prevention and detection, security and privacy governance, and IT assurance services.