Cybersecurity: 4 Things OEMs Should Do to Protect Themselves

Reading time ( words)

In today’s increasingly connected world, cybersecurity is a real concern for businesses. Recent high-profile cases of cyber attacks, such as the ransomware that hit the NHS, have exposed the vulnerabilities in our systems, and analysts stress that attacks are becoming increasingly sophisticated and more frequent. 

For manufacturers, there is a heightened cause for concern—manufacturing has been declared one of the top three most targeted industries for cyberattacks. And while Industry 4.0 and expansion into cyber-physical systems (CPS) will have a positive impact on the industry in terms of increasing efficiency, they open the door to even more security risks such as a hacker taking over production, or changing the output of the manufacturing process.

The effects of cyberattacks can be catastrophic for manufacturers; personal and corporate data can be compromised, company reputation damaged, and disrupted or lost productivity is guaranteed to have a major hit on revenue.

Cybersecurity will certainly be a priority for most original electronics manufacturers (OEMs). So, what are the things they should be doing to protect themselves?

1. Start with the workforce

Making IT security a part of work culture is a vital starting point. You may argue that in the digital world of today everyone is already aware of nefarious ‘phishing’ scams and how to handle them. It’s likely that each of your employees will have received at least one suspicious email in the last week or month. But the sophistication of these e-mails is increasing which means educating staff on the latest tactics needs to be on-going.   

OEMs therefore have a responsibility to ensure that everyone in their organization is aware of the risks and equipped with the right information on how to mitigate against them. OEMs should train staff to ensure they are aware of ‘do’s and don’ts’ (e.g., not opening unexpected email attachments, clicking on links, best practice for passwords, etc.), and implementing formal company-wide standards that hold employees accountable. 

2. Keep safeguards up to date

OEMs will want to ensure they have preventative measures in place to minimize the risk of an attack being successful. There are many software solutions available that can spot and block malware and other potential threats, as well as more enhanced software tools that ‘listen’ to all the activity on a computer network and detect anything unusual.

But these systems and, indeed, many of the software solutions all businesses use will regularly release updates or ‘patches’ to fix vulnerabilities that can be exploited by cyber attackers to install ransomware. The NHS case is a prime example of how key this is—the attack could have been avoided by the proper application of a new patch for Windows that had been released two months earlier. Being vigilant and proactive in ensuring patches are up to date on all software systems will help guard against the latest threats.

3. Make sure data is securely backed up

Aggressive malware or viruses can corrupt files and disable computers, causing significant downtime and a substantial loss of revenue. OEMs will need to invest time and money into developing a comprehensive backup strategy to avoid disruption to production schedules. A three-tier approach to this may be considered; daily file syncing, regular backups of user machines on easily accessible storage devices isolated from the rest of the network, and long-term backups where everything your company needs to recover in case of an emergency is physically isolated in heavily secured centers.

4. Establish an incident-response (IR) plan

The harsh reality is that if a hacker is set on finding a way into your system, there’s not much you can do to stop them. Therefore, OEMs should invest in developing an incident-response (IR) plan to manage breaches in the event of an incident. An effective IR plan will limit damage and reduce recovery time and costs.

McKinsey have developed a list of nine guiding principles that should be reflected in any IR plan. They include assigning an executive to have ongoing responsibility for the plan, developing a taxonomy of risks, and in the event of an incident; having an established process for making major decisions and ensuring everyone knows what to do.

It’s clear that cybersecurity is not just an IT issue—it’s much bigger than that. It’s a business management issue; reliant on rigorous planning and analysis, a consistent focus, and internal communication and training. And the threat to cybersecurity is not static; it’s critical that OEMs keep a finger on the pulse of the latest risks, and where appropriate communicate these internally.

Developing an effective strategy is a big investment (in terms of both time and costs), but the increasing prevalence and advancing complexity of cyberattacks is a genuine threat that OEMs need to be ready for.


Suggested Items

Reflow Perspectives to Flex Circuit Assemblies

07/13/2018 | Stephen Las Marias, I-Connect007
At the recent NEPCON China 2018 event in Shanghai, I spoke with Ralf Wagenfuehr, plant manager at Rehm Thermal Systems, to gain insight into flex circuit assembly, and the challenges of reflow soldering. He also speaks about the need for industry forums focused on soldering flex printed circuits.

Enabling an Intelligent Supply Chain for Electronics Manufacturing

06/19/2018 | Thilo Sack, Alex Chen, James Huang, and Sam Khoo, CELESTICA INC.
The first three industrial revolutions came about because of mechanization, electricity and IT. Now, with the advent of the Industrial Internet of Things (IIoT) and services making their way into the manufacturing environment, we are seeing the arrival of a fourth industrial revolution, Industry 4.0.

RTW NEPCON CHINA: Rehm Discusses Reflow Strategies to Reduce Voiding

05/10/2018 | Real Time with... NEPCON China
At the recent NEPCON China 2018 event in Shanghai, Ralf Wagenfuehr, plant manager at Rehm Thermal Systems in China, speaks with I-Connect007’s Stephen Las Marias about their latest advancements in reflow oven technology, as well as on strategies to reduce voiding.

Copyright © 2018 I-Connect007. All rights reserved.