Articles and News

With the adoption of a digitalization strategy, PETRONAS has found that cybersecurity must be approached from a more holistic perspective.

Industrial Ethernet switches can help safeguard Industry 4.0 networks from intruders.

This coveted certification was awarded to Moxa's flagship industrial secure routers, the EDR-G9010 and TN-4900 Series.

Learn about drafting and writing an IT/OT cybersecurity strategy for any #criticalinfrastructure or given industrial organization

The N-Tron Series NT5000 Gigabit Managed Layer 2 Ethernet switches have been voted the winner in the Automation & Controls category.

Cyolo elevates OT security with release of Cyolo 4.3 and KuppingerCole report on OT cybersecurity landscape, key architectures and functionalities, and regulatory compliance.

ISAGCA would like to get a better idea of how its parties are using ISA/IEC 62443 with a brief yet comprehensive survey

The online course will help participants upgrade their skills in this growing technology.

Here are some key best practices that global organizations are using to reduce cyber risks and improve operational efficiencies.

Understand why the food industry is targeted by cybercriminals?

The one-of-a-kind annual event will be held at the Boston Convention and Exhibition Center, Nov. 6-9, and is expected to attract over 10,000 participants from around the world to Discover What's Possible with the hottest innovations, the smartest experts and the latest strategies.

Skkynet has announced fiscal quarter-end performance for Q3 2023, delivering exceptional sales growth of 19%.

While TSN will change over time, automation vendors can benefit from considerable gains by providing innovative capabilities to their devices now and leverage firmware upgrades for future compatibility.

60% of incidents result in operational disruption, driving the need for proactive OT defenses and incident response.

The cloud-based Centrix platform proactively secures all assets, remediates vulnerabilities, blocks threats and protects a company’s entire attack surface.

Even if you have up-to-date antivirus software, there’s still a chance ransomware can infect your computer. If cybercriminals know what they’re doing, they can easily evade scans and bypass your protections.

Supply chain disruptions are among the most pressing issues for today’s manufacturers. While geopolitical tension and events like the COVID-19 pandemic have taken the spotlight in this area, another risk factor — cybersecurity — deserves attention, too. Upstream and downstream supply chain attacks pose serious risks to manufacturers and their partners. As manufacturers embrace Industry 4.0 technologies, their cyber vulnerabilities throughout the supply chain rise. Many organizations now realize the need to address these risks, but fewer understand that an interconnected supply chain means shared weaknesses between parties. The Importance of Supply Chain Cybersecurity Manufacturing experienced the most cyberattacks of any sector in 2022. One of the primary reasons manufacturers are such popular targets is because their attack surfaces are massive. In addition to a skyrocketing number of internet-connected devices, they have extensive third-party dependencies, opening them to supply chain attacks. Supply chains have digitized to increase efficiency and reliability, and parties share vast amounts of data. A manufacturer’s upstream suppliers, 3PLs and downstream partners may all have access to their systems and sensitive data. Consequently, an attack on one entity in the supply chain can affect everyone involved. One such attack in 2022 led an automaker to fall 13,000 vehicles behind production targets despite not targeting the manufacturer directly. Instead, it hit a parts supplier, leading to a network shutdown at its facility. As a result, the supplier couldn’t fulfill orders or communicate with its downstream customers. Other attacks could target a software provider to steal sensitive customer information from manufacturing partners. If a breach from a downstream supply chain partner reveals enough personal information about a manufacturer’s customers, it could also land them in legal trouble. These situations will become more likely as cybercriminals realize how much disruption they can cause through one attack. How to Reduce the Risk of Supply Chain Attacks Given how severe supply chain attacks can be, manufacturers must prevent them whenever they can and mitigate them when they can’t. Here are some strategies to reduce the risks of upstream and downstream attacks. Conduct a Risk Assessment Supply chains are large and complex, so it can be challenging to know your weak points. Consequently, performing a cyber-risk assessment is essential to reveal what makes your chain vulnerable and how you can address it. Third-party risk assessments should involve network mapping to show dependencies and penetration testing to judge the strength of existing cybersecurity measures. These services incur extra expenses but save money in the long term by preventing costly attacks. The average cost of a data breach in the U.S. reached $9.44 million in 2022, so the upfront cost is well worth the investment. You can’t defend what you don’t know is vulnerable, and that’s precisely what a risk assessment reveals. These tests should look at a manufacturer’s internal controls and processes and those of their upstream and downstream partners. Many organizations likely give too much access and information to too many parties. Thorough assessments bring these to light to inform more effective changes. Hold Supply Chain Partners to a Higher Standard Manufacturers should require more from their upstream and downstream partners. Just as some companies only work with those who meet certain ESG criteria, manufacturers should require proof of high security standards before working with anyone. This selection begins with researching potential partners’ security backgrounds before reaching out. Any business that has experienced a major breach or handled a cybersecurity incident poorly is a liability. You should also look for third-party security standards like ISO 27002 or NIST SP 800-53 certification. It’s important to remember that you can’t reasonably ask for something you don’t achieve on your own end. Manufacturers also should pursue cybersecurity certifications to offer assurance that they won’t jeopardize partners’ data either. Minimize Access Privileges Even if everyone in the supply chain meets higher security standards, attacks are still possible. No defense is 100% secure, and even the most experienced employees can still make mistakes that let attackers in. Given these risks, manufacturers must restrict who can access what data. The safest solution is to implement the principle of least privilege. This holds that every user, app and device should only be able to access the data and systems it needs to do its job. This may seem like limiting visibility at first, but it ensures one breach at any point in the network can’t jeopardize all your data. Minimizing access privileges is also an important way to stop insider threats. Over half of all organizations have experienced one in the last year, so preventing internal breaches is crucial. These are usually a matter of human error rather than malicious employees, but the effect is the same. Implement Continuous Monitoring Many technical controls necessary to stop supply chain attacks vary depending on the specific technology in use. However, some are essential in every situation. That’s the case with continuous monitoring. Continuous monitoring uses artificial intelligence (AI) to watch for suspicious activity across company devices and networks. If something off occurs — such as unusually large file transfers or a user trying to access a database they don’t normally need — the AI stops it and alerts IT staff. These quick responses are crucial for preventing internal and external breaches. Using AI also removes the need for a dedicated security operations team and enables faster, more accurate warnings. Create a Backup and Recovery Plan Even if every party in the supply chain implements these other steps, breaches are still possible. Despite rising awareness around cybersecurity, 68% of all organizations have experienced a cyberattack in the past year. These occurrences are too common to assume they’ll never happen to you, so you need a backup plan. Manufacturers must keep backups of all sensitive data and mission-critical systems, both offline and in the cloud. Every organization in the supply chain also needs a formal process for using these backups to recover from a breach. That plan should include communicating the breach to affected parties and several mitigation measures. Supply chain organizations should review these plans annually to ensure they’re still relevant and effective. Repeated risk assessments can also help by revealing any new vulnerabilities to address. Supply Chain Attacks Demand Attention Supply chain attacks can be devastating and happen in any part of the process. While digitization is important, cybersecurity improvements must be part of manufacturers’ initiatives to address the resulting vulnerabilities. Effectively mitigating these threats requires cooperation among all a manufacturer’s partners. These broad shifts can be challenging but are far less costly and disruptive than a successful attack. Security is always worth the effort.

Quantinuum’s advanced technology provides heightened protection against threats to end users and critical infrastructure.

FORT Robotics has announced that its Endpoint Controller—which brings safe, secure, dynamic wireless control to mobile, automated or autonomous machines—has received SIL 3 functional safety certification, as defined by IEC 61508.

As our world becomes increasingly interconnected, the intertwining web of Operational Technology (OT) and the Internet of Things (IoT) is quickly becoming the next frontier in the digital age