Security Posture Surveys: Find Out What’s Happening Inside Your Plant
- July 13, 2021
- Best Practices
- Automation
Manufacturing seems to be the new target for cyberattacks.
The FBI’s Cyber Division reports that cyberattacks increased by 400% to reach 4,000 attacks per day across all industries during the height of the pandemic. Research by security company Dragos reveals that ransomware attacks specifically against manufacturers tripled in the last year alone. And, in 2020, research from Deloitte and the Manufacturers Alliance for Productivity & Innovation found that 40% of manufacturers experienced a cyberattack in the past 12 months.
As plants continue their digital transformation journeys, security issues could have increasingly far-reaching impacts on productivity, reputation, and the bottom line. Depending on the size of your plant, thousands of network-connected devices could be in play—each one susceptible to threats.
Where does your plant rank in terms of its cybersecurity efforts? Do you know where you’re most vulnerable? Do you know where to begin if you want to improve security on the manufacturing floor?
A security posture survey is a good starting point. We can take a real-time snapshot of your OT environment’s operational technology and security hygiene by spending a day at your plant to:
- Plug into switches and capture packets for network diagnosis
- Evaluate each piece of data flowing through your network
- Assess traffic for potential security alerts or problems
Through this analysis, the survey reveals your most critical vulnerabilities, including:
- Malicious behavior that isn’t expected within an OT environment
- Suspicious network activity that may indicate the presence of malware
- Unsupported operating systems that are end-of-life or no longer receive security patches or updates
- Communication between your devices and ghost assets
- Malicious IP addresses
- Devices that are remotely exploitable, require no privileges, or require no user interaction
Within a few weeks of survey completion, you’ll receive a comprehensive report that identifies each device, what it has access to, and where traffic is coming from and going to on each device. Based on that information, a hygiene score— from low risk to critical risk—is calculated for each device.
These scores take into consideration what would happen if the device were compromised (what kind of impact would it have on the manufacturing floor?). The goal of a security posture survey is to narrow in on the biggest vulnerabilities—the ones that may cause a plant shutdown or lead to compliance issues.
The survey also provides a good baseline for security posture based on your existing policies and procedures. You’ll walk away with a good understanding of what needs to be corrected and mitigated, as well as which existing policies and procedures are helping you maintain appropriate security levels.
In addition to knowing exactly what and where your issues exist, the report also details practical mitigation strategies, whether they include patching a server, updating a machine, or establishing a new firewall. To make the biggest impact, we recommend addressing critical- and high-risk vulnerabilities first. Once those are taken care of, you can decide when (or if) to tackle the lower-risk vulnerabilities.
Van Meter’s in-house team has the knowledge and expertise to conduct customized security posture surveys for plants of all types and sizes. Through our strong industry partnerships, we can also pull in partners for additional insight and diagnosis when needed.
Want to learn more about security posture surveys or the process we follow? Are you curious about what a security posture survey might reveal about your network? Send me a note. I look forward to sharing my cybersecurity expertise with you!
Want to make sure you’ve got these six safety essentials ready to go when the temperatures skyrocket in a few weeks? Give Van Meter a call, and we’ll get you what you need! We keep these items all in stock so they’re ready for you right away.
ARTICLE BY:
GAVIN PALMA
EMPLOYEE-OWNER, AUTOMATION NETWORK ENGINEER
For more information, please reach out to your sales representative or call 1-800-247-1410.