Cybersecurity: 4 Things OEMs Should Do to Protect Themselves

Reading time ( words)

In today’s increasingly connected world, cybersecurity is a real concern for businesses. Recent high-profile cases of cyber attacks, such as the ransomware that hit the NHS, have exposed the vulnerabilities in our systems, and analysts stress that attacks are becoming increasingly sophisticated and more frequent. 

For manufacturers, there is a heightened cause for concern—manufacturing has been declared one of the top three most targeted industries for cyberattacks. And while Industry 4.0 and expansion into cyber-physical systems (CPS) will have a positive impact on the industry in terms of increasing efficiency, they open the door to even more security risks such as a hacker taking over production, or changing the output of the manufacturing process.

The effects of cyberattacks can be catastrophic for manufacturers; personal and corporate data can be compromised, company reputation damaged, and disrupted or lost productivity is guaranteed to have a major hit on revenue.

Cybersecurity will certainly be a priority for most original electronics manufacturers (OEMs). So, what are the things they should be doing to protect themselves?

1. Start with the workforce

Making IT security a part of work culture is a vital starting point. You may argue that in the digital world of today everyone is already aware of nefarious ‘phishing’ scams and how to handle them. It’s likely that each of your employees will have received at least one suspicious email in the last week or month. But the sophistication of these e-mails is increasing which means educating staff on the latest tactics needs to be on-going.   

OEMs therefore have a responsibility to ensure that everyone in their organization is aware of the risks and equipped with the right information on how to mitigate against them. OEMs should train staff to ensure they are aware of ‘do’s and don’ts’ (e.g., not opening unexpected email attachments, clicking on links, best practice for passwords, etc.), and implementing formal company-wide standards that hold employees accountable. 

2. Keep safeguards up to date

OEMs will want to ensure they have preventative measures in place to minimize the risk of an attack being successful. There are many software solutions available that can spot and block malware and other potential threats, as well as more enhanced software tools that ‘listen’ to all the activity on a computer network and detect anything unusual.

But these systems and, indeed, many of the software solutions all businesses use will regularly release updates or ‘patches’ to fix vulnerabilities that can be exploited by cyber attackers to install ransomware. The NHS case is a prime example of how key this is—the attack could have been avoided by the proper application of a new patch for Windows that had been released two months earlier. Being vigilant and proactive in ensuring patches are up to date on all software systems will help guard against the latest threats.

3. Make sure data is securely backed up

Aggressive malware or viruses can corrupt files and disable computers, causing significant downtime and a substantial loss of revenue. OEMs will need to invest time and money into developing a comprehensive backup strategy to avoid disruption to production schedules. A three-tier approach to this may be considered; daily file syncing, regular backups of user machines on easily accessible storage devices isolated from the rest of the network, and long-term backups where everything your company needs to recover in case of an emergency is physically isolated in heavily secured centers.

4. Establish an incident-response (IR) plan

The harsh reality is that if a hacker is set on finding a way into your system, there’s not much you can do to stop them. Therefore, OEMs should invest in developing an incident-response (IR) plan to manage breaches in the event of an incident. An effective IR plan will limit damage and reduce recovery time and costs.

McKinsey have developed a list of nine guiding principles that should be reflected in any IR plan. They include assigning an executive to have ongoing responsibility for the plan, developing a taxonomy of risks, and in the event of an incident; having an established process for making major decisions and ensuring everyone knows what to do.

It’s clear that cybersecurity is not just an IT issue—it’s much bigger than that. It’s a business management issue; reliant on rigorous planning and analysis, a consistent focus, and internal communication and training. And the threat to cybersecurity is not static; it’s critical that OEMs keep a finger on the pulse of the latest risks, and where appropriate communicate these internally.

Developing an effective strategy is a big investment (in terms of both time and costs), but the increasing prevalence and advancing complexity of cyberattacks is a genuine threat that OEMs need to be ready for.



Suggested Items

AOI Programs with a Magic Click

12/12/2018 | Jens Kokott and Matthias Muller, Goepel electronic
Production runs of 10–1,000 assemblies are everyday life for an EMS provider. But what if important staff are on vacation, and component deliveries are very much delayed? And then the customer is determined to have AOI, but the layout of the assembly is highly customized, making it virtually impossible to use complete library entries. Here's how AOI programs can help you in these scenarios.

RTW NEPCON South China: Rehm Sees Growing Demand for Vacuum Soldering

09/28/2018 | Real Time With... NEPCON South China
Ralf Wagenfuehr, plant manager of Rehm Thermal Systems (Dongguan) Ltd, speaks with I-Connect007’s Edy Yu about the developments in the company’s convection reflow soldering system, which features a vacuum module, aimed at addressing the increasing demand for vacuum soldering. He also discusses their software developments, as well as how they are helping their customers toward their Industry 4.0 journey.

Reflow Perspectives to Flex Circuit Assemblies

07/13/2018 | Stephen Las Marias, I-Connect007
At the recent NEPCON China 2018 event in Shanghai, I spoke with Ralf Wagenfuehr, plant manager at Rehm Thermal Systems, to gain insight into flex circuit assembly, and the challenges of reflow soldering. He also speaks about the need for industry forums focused on soldering flex printed circuits.

Copyright © 2019 I-Connect007. All rights reserved.