industry unlocked
Vinod Kumar,
CEO, Subex
Attacks on manufacturing organisations can
be particularly disruptive and, with the ongoing
convergence of IT and OT systems, it’s crucial
that CIOs take steps to secure their critical
infrastructure. Vinod Kumar, CEO, Subex, a
pioneer in the space of digital trust, tells us
about the challenges facing manufacturing
firms and how they can get ahead of attackers.
MANUFACTURING:
HOW THE INDUSTRY CAN IMPROVE
ITS SECURITY POSTURE
CWhy is this industry so targeted?
Can you tell us about some of the
unique cybersecurity challenges facing
manufacturing organisations?
Today, manufacturers are battling hackers and
disruptive actors at various levels. The converged
environment gives rise to OT, IoT and IT threats
but such convergence of technologies also
opens up more attack vectors for hackers to
exploit vulnerabilities while giving rise to what
we call hybrid risks. This is a euphemism for
threat actors using a range of methods including
a blend of traditional and non-traditional
approaches to initiate a cyberattack. Also,
malware potency is increasing and hackers are
using persuasive messages in phishing emails to
cause a breach through insider activity.
The manufacturing sector represents the lifeline
of an economy. It is therefore high on the agenda
of state-backed hacker constellations, also
known as APT groups. The supply chain element
also plays a key role as all these firms are relying
on third-party contractors or subcontractors who
might not have the best security posture.
Manufacturing entities also hold plenty of
intellectual property – information of commercial
interest to various groups. Manufacturers also
want to avoid disruption at any cost, so they are
ideal targets for hackers who seek to monetise
breaches faster through ransomware. Our
research has shown that as much as 14% of
all stolen data on the Dark Web is connected
to the manufacturing sector. This indicates the
volume of breaches that have been
successful so far.
Can you tell us how the
threat landscape has changed
for this industry during the
COVID-19 pandemic?
The risks have increased and the threats
have multiplied. Today, we are amid what
we call the second wave of attacks linked
to the pandemic. Due to the confusion
and anxiety that characterised the first
few months, hackers were able to initiate
a co-ordinated campaign resulting in
many successful breaches through
phishing emails and those that exploited
unsecured home networks as a result of
the prevalence of work from home.
Simultaneously, we also saw an increase
in targeted cyberattacks and a spike
in the number of variants of previously
detected malware. This trend is yet to
peak and attacks may continue for a few
more months.
How important is it for
manufacturers to strengthen
their cyberdefences in light of
the COVID-19 pandemic?
The response to these attempts by
various hackers and agencies should be
proportionate to the deteriorating threat
environment. A strong cybersecurity
posture is not just a matter of choice
44 Issue 27 | www.intelligentciso.com