America's Business-to-Business Journal for Industry
   Subscribe      Advertise       Submit News       Feedback       Jobs   
Related News:
More results...
 Featured
Manufacturing Security
1/26/2012 5:24:00 PM - Article #22947
At a time when the manufacturing sector is going through a significant transition with regard to infrastructure, processes and personnel, it is more important than ever to recognize and address the vulnerabilities with respect to data security. This is a serious issue for manufacturers, who are especially vulnerable to the theft and loss of invaluable intellectual property. In fact, manufacturers have actually become the most common target for hackers in recent years. The rise of Advanced Persistent Threats (APTs), sustained and sophisticated assaults from malicious outside entities, poses an especially worrisome danger, a trend that has only been exacerbated by the exploding use of mobile devices, tablets and other portable electronics.

The first step toward reducing the risk of such attacks and protecting valuable intellectual property is to understand and highlight the specific data security risks that manufacturers face before, during and after expansion. Only then can we begin to discuss the critical steps that must be undertaken to bolster data security, and the strategic initiatives that can help to mitigate risk before a system is compromised.

PROBLEM(S)

Data (in)security

As manufacturers understand all too well, the foundation of any industrial company is its unique assets. And while some of those are hard assets—people, materials, structures—oftentimes the most valuable assets are soft assets: the intellectual property. Intellectual property, especially relating to proprietary products and processes (operations, materials, distribution, software, etc.) can be worth billions of dollars, in addition to the prospect of market dominance and invaluable stakeholder confidence. The risks of intellectual property loss fall into two main categories: theft (hackers and actively malevolent entities) and loss (inadvertent exposure). While both present their own issues with regard to designing, implementing and maintaining effective security measures, the implications of a security breach can be equally damaging. 

As recently as five to 10 years ago, sensitive information was rarely outside of secure, corporate-owned assets. Today, however, with the advent of personal mobile devices and tablets, there has been an exponential increase in the degree of vulnerability faced by manufacturers. With new layers of complexity and exposure now factored into the equation, the need for rigorous data security protocols is even more urgent. As part of a recent security analysis, vulnerability assessment and penetration testing was conducted for a manufacturer. The results? Inside of 30 minutes, a security analyst could access literally every piece of intellectual property that company had, from legal documents and patents to sensitive financial and compensation information. While the vulnerability of confidential information is sobering, the implications for a manufacturer if that data is compromised are far more worrisome.

Vulnerability liabilities

Manufacturers are not only more susceptible to a security breach during an expansion, but the implications of a loss or theft of intellectual property are potentially more significant. An expansion into a new region or country, for example, will be greatly hindered by a competitor accessing proprietary information. The loss of competitive advantage creates a new barrier to entry into that untapped market, and the manufacturer now faces an unreceptive marketplace with more potential competitors. That kind of data security breach can have a big impact on a company’s growth targets, which translates to stock price, which translates to executive job security and virtually every aspect of company’s long-term financial stability.

This reality is particularly harsh when planning for international expansion, and recent threats have been especially prevalent in Latin America, Europe, Russia and China. Loss of intellectual property can be debilitating when attempting to break into a new country. If a Chinese hacker organization, for example, is able to access the intellectual property of an American manufacturing operation looking to expand into the Shanghai market, a local industrial organization will be able to set up shop domestically before a foreign company has even procured the necessary permits. Once a Chinese manufacturer is producing the same product the American company was looking to bring into the untapped market, there is little chance local consumers will buy foreign. 

Most legal departments understand the dangers and are justifiably terrified at the prospect of intellectual property loss, but not all manufacturing executives appreciate just how vital these issues really are. Not only is intellectual property just as valuable, if not more so, than material assets, but also the risk of compromise poses a financial and legal threat. The potential liability from loss or exposure of clients’ personal data is a very real concern.

SOLUTIONS(S)

Be proactive

One of the biggest structural problems facing manufacturers is a tendency to operate reactively instead of proactively with respect to data security needs. Manufacturers need to think and operate more strategically, and data security strategies need to be cohesive and anticipatory. Mitigation and preparedness demands structured, preemptive planning based on best practices, with critical steps taken to mitigate risk before a system is compromised.

Understand the playing field

All too often manufacturers face the difficult circumstance of “not knowing what they don’t know”. Understanding the risks and weaknesses before devising a security strategy is critically important. The best way to do so is to perform a holistic/systemic evaluation—an Enterprise Risk Assessment—to analyze your current security profile and distill the results of that analysis down to a comprehensible and actionable document that all parties can understand. Running security software that generates a tech-heavy document is neither sufficient nor effective. An accurate assessment and clear plan will also help manufacturers invest their dollars/resources most effectively and efficiently.

Devise a coordinated strategy

The complexity of many manufacturing companies presents its own difficulties. With so many processes in place, and such a vast array of technical data involved, potential exposures are abundant. People, processes, networks and materials that are not secured are all an impending liability, and even the smallest chink in the armor can represent a significant vulnerability through which outside parties can execute a damaging theft of intellectual property. As a result, data security for manufacturers must be holistic and integrated; overlapping and reinforcing in a way that eliminates oversights.

Design and implement comprehensive coverage

Security coverage must be comprehensive and all encompassing. Even the sturdiest wall is ineffective if there is a gaping gap in one spot. Building the wall higher and making it thicker will do no good unless that hole is addressed. And these days, attacks have become so sophisticated that it does not even take a big hole: even a single brick being out of place is a very real problem. Begin by establishing core perimeter controls such as malware gateways and application-based firewalls—but do not stop until every potential point of access has been addressed.

Security needs to be ongoing

Sound network security is a marathon, not a sprint. Any security framework that is not capable of adapting to meet new technical and procedural challenges in the months and years ahead is almost as much of a liability as an asset. The rapid evolution of technologies and processes necessitates a data security strategy that is adaptable, agile and continuously ready for the next level.

As manufacturers look to expand—both in the U.S. and internationally—protection of intellectual property will continue to be an important factor…and one that often flies under the radar. A proactive approach to addressing data vulnerability issues is highly recommended, beginning with a thorough assessment straight through to ongoing maintenance of an integrated network security platform.

Co-authored by Greg Guracech, Vice President and COO, and Shaun Bertrand, Senior Security Analyst, from Michigan-based Creative Breakthroughs, Inc., an industry leader in IT advisory services, network security, integration and infrastructure management strategies. Greg can be reached at gguracech@cbihome.com and Shaun is available at sbertrand@cbihome.com.

All comment postings require your name and email address for user verification only. Your email address will not be used or distributed for any other purpose.
No advertising is permitted and will result in the post being deleted and/or banning. Please click "REPORT" to report any inappropriate posts.
blog comments powered by Disqus


Permission to Reproduce:
Unless otherwise stated, the copyright and similar rights to all material published on this website are owned by The Manufacturers Group Inc. DBA Manufacturing & Technology eJournal( mfrtech.com ). Reproduction of any article in print, electronic or any other form must acknowledge mfrtech.com as the Source and include a link to http://www.mfrtech.com
Latest Featured:
Overcoming the Technical Talent Management Challenge: 19 Best Practices from Recruitment to Retention

Without a trace: Lack of traceability makes product integrity – and profits – disappear

One Good Lead Is More Valuable Than a Fistful of “Non-Starters,”

Managing the Risk of an Aging Workforce

Seven Simple Words Can Save a Business Conversation Gone Wrong

Rolled or Cut? How to Choose the Most Cost-Effective Gear for Your Proces

-=Latest News=-     -=Privacy=-     -=About Us=-     -=RSS Feed=-     -=Mobile=-     -=FeedBurner=-

Copyright © 2011 Manufacturers Group Inc. All rights reserved.