We are at war with cybercriminals. With bad actors ranging from organized crime to hostile foreign governments to individual hackers, security defenses are continuously probed and breached. Like any battle, this one requires broad strategies as well as millions of individual efforts.
The individual efforts start with employees. Many security breaches begin with individuals clicking on links in phishing emails. At SME, the staff is learning about these cyberattacks. Through an animated series, we’ve learned about how to avoid becoming victims of a wide array of cybercrimes and protect the SME database. Simple things like deleting phishing emails, changing passwords, using two-factor ID and regularly checking account statements can help foil these attacks.
Big efforts to fight cybercrime are also multiplying. The global safety company UL is targeting cybersecurity challenges created by COVID-19. SME Media interviewed Laurens van Oijen, UL’s cybersecurity solution leader, and he said “Cyberthreats are one of the biggest issues facing global supply chains in 2020 following the uptake of connected technologies and the subsequent expansion and diversification of supply chains. Organizations have either limited or no access to certain suppliers, have to find new suppliers ..., or move supply chain operations to other regions,” at a time when organizations may be less focused on cybersecurity. “A second factor … is that a large number of people are now working from home,” opening new vulnerabilities to corporate databases.
What to do? “Assess internal and supply chain security and start internal conversations with affected departments, such as procurement,” said van Oijen. Vendor assessment should be linked with risk management.
Likewise, security firm Claroty found that industrial control system (ICS) vulnerabilities are most common in the manufacturing, energy, and water/wastewater sectors. More than 70 percent of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, so Internet-facing ICS devices and remote access connections must be protected, according to Claroty’s “Biannual ICS Risk & Vulnerability Report.” Impacts include remote code execution (RCE), possible with 49 percent of vulnerabilities; the ability to read application data (41 percent); cause denial of service (DoS) (39 percent); and bypass protection mechanisms (37 percent).
In the future, the workforce must be far more aware of cyberdefense. That is the driving force behind an effort from MxD, the Manufacturing USA Digital Manufacturing Institute, and ManpowerGroup to produce “The Hiring Guide: Cybersecurity in Manufacturing 2020.” The report identifies “the CyberME workspace and work roles needed now and into the future,” and is available for download from MxD.
In World War II, “Uncle Sam” said, “We want you for the U.S. Army.” Today, he might say, “We want you to help fight cybercrime.”