We’re in the midst of a fourth Industrial Revolution, and according to the World Economic Forum’s 2018 The Future of Jobs Report, the factors driving the revolutionary change include:
It really should come as no surprise then to find that today’s manufacturers are highly automated and connected. However, with every advancement in technology comes associated risk. According to the TrendMicro report, IIoT Security Risk Mitigation in the Industry 4.0 Era, IT downtime in a manufacturing plant can cost an average of $5,600 per minute or $300,000 per hour. The bigger the company the greater the risk (and the costs) when a critical process is interrupted.
While manufacturers, like all businesses, are at risk for the unauthorized release of personal identifiable information (PII), such as W-2 statements, customer information, or employee Social Security Numbers, perhaps the greater threat to a manufacturer’s bottom line is the loss of productivity. There are billions of unsecured programmable logic controllers (PLCs) running modern factories and plants are now equipped with remote monitoring and real time data collection which allow for greater productivity and efficiency. Consider the impact if the specifications of the product are altered slightly to make them non-compliant, a key supplier is not able to fulfill orders of essential components, or the plant comes to a complete halt because critical hardware has been infected and rendered nonoperational.
This is not just speculation. In March 2018, the U.S. Computer Emergency Readiness Team (US-CERT) issued Alert TA18-074A Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors, detailing a cyber campaign carried out by Russian state actors that targeted small commercial facilities to gain access to critical energy sector networks. In the alert, the U.S. Department of Homeland Security (DHA) and the Federal Bureau of Investigation (FBI) characterized the attack as a “multi-stage intrusion campaign” where Russian cyber actors “staged malware, conducted spear phishing, and gained remote access into energy sector networks.” Once inside the network, the cyber actors “conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).”
It is important to recognize that the factory itself may not be the target of the attack, but rather software that is being used in the operations. Computer code is never written error free; one renowned software programmer places the average at 15-50 bugs for every 1,000 lines of code. To put this into context, Apollo 11 was sent to the moon and back in 1969 using 145,000 lines of code — today’s cars run on more than 100 million lines. How many lines of code does it take to run your assembly line?
In these situations, a properly designed insurance policy can be the difference between bankruptcy and the ability to restore operations. Contact your cyber liability experts at Associated Benefits and Risk Consulting to discuss your cybersecurity needs.
How safe is your organization? Take the Cyber Risk Scorecard survey to assess your current cybersecurity standing and find additional steps your organization can take to protect against common cyber threats.
Carla provides solutions to mitigate management and personal liability exposures for companies, directors and officers. She specializes in assisting clients to identify and mitigate personal, corporate and professional liability risks. She consults with companies to uncover any liability exposures a
Carla provides solutions to mitigate management and personal liability exposures for companies, directors and officers. She specializes in assisting clients to identify and mitigate personal, corporate and professional liability risks. She consults with companies to uncover any liability exposures and then provides solutions to help mitigate those liability exposures. Carla has been in the insurance industry since 1982. She began her insurance career in the management liability underwriting department for financial institutions. She works with a vast array of clients including multi-hospital healthcare systems, private and public corporations, not-for-profit organizations and independent professionals. With Carla’s experience and knowledge she is frequently asked to speak on D&O and Cyber liability risks.
The world is different than it once was. It used to be that you needed a 30-foot phone cord to take the phone into another room just so you could have a little privacy, and that when you left work, you really left work, since there wasn’t any way to login remotely.
Nowadays, technological advances have made us truly mobile by enabling us to stay connected 24/7/365. While the workplace impact of 24/7 connectivity has meant that employee productivity has been on the rise, along with it comes challenges that couldn’t have been imagined even 15 years ago.
With massive data breaches at organizations such as Target, Dairy Queen, and JPMorgan, businesses are becoming more aware of the threat of hackers and external threats to their data. And while it’s important to protect yourself from such exposures, history has shown that the real enemy lies within our own companies. Don’t believe it?
Send a Message
Find a Location