Manufacturing
We all use manufactured goods, and many of those products have been processed with some kind of automation. If disruption occurs on these manufacturing systems then we may not immediately think that the problem is a cyber attack. However, from experience we know that it is possible for factories to receive cyber attacks, and in fact it has happened and attacks (successful and unsuccessful) are commonplace.
The reasons for cyber attacks on large scale companies are many, but include:
State-based attacks
Corporate espionage
Disgruntled employees
Accidental/Unknowing actors
or a combination of any/all of the above
Why ARE Manufacturers vulnerable to cyber attacks?
Manufacturers, like many industrial organisations, want to see efficiencies in their automation systems. For this reason, they are investing in newer supervisory and data analysis systems (Industry 4.0) which connect existing Operational Technology (OT) networks with Information Technology (IT) networks and Industrial Internet of Things (IIoT) networks.
Unfortunately, this opens up the OT network to increased threat of cyber attack. If disruption were to occur on OT systems, then business continuity could slow down to a complete halt.
Cyber Security Regulation - Your responsibilities
Ask yourself
How are you managing cyber security risk?
How are you protecting against cyber attacks?
How are you detecting cyber security events?
How are you minimising the impact of those incidents?
Although manufacturers are not under the same regulations as critical national infrastructure. They are under more pressure from consumers and from competitors to ensure a most robust and “up-to-date” service. From a cyber security perspective it is advised to follow the NCSC Cyber Assessment Framework (CAF), which is tailored too owners and administrators of OT. More IT-specific standards are also available, such as ISO 27001.
We can help you
We have years of experience in cyber security, digital forensics, incident response and software engineering. We also understand the unique challenges and requirements of Operational Technologies (OT). We develop software solutions from the ground up with these OT-specific challenges and requirements in mind, and we know that we cannot simply re-purpose (or rebrand) existing IT tools.
Perhaps you would like to make the whole NIS Directive auditing process a lot simpler, and a bit more collaborative - avoiding complex excel spreadsheets with dodgy versioning. Profile is built with the NCSC Cyber Assessment Framework (CAF) at its core, with more standards and regulations being supported. If this sounds of interest, then Profile is definitely for you.
Maybe you are looking for a more in-depth understanding of the OT assets and their vulnerabilities, but in a way that is automated but still safety and security critical. Dot currently has support for Modbus, Siemens S7, DNP-3, Ethernet-IP and more. If this sounds of interest, then Dot is for you.
Or perhaps you are looking for something a bit more bespoke, or require some consultancy. If we can help, we will. If we can’t help, then we will work with our partners to deliver the services and systems that you require.
Contact us today to get a quote, or to just chat about possibilities - with a guarantee of no hard-sell.
hello@awencollective.com