Data Breaches Don’t Have to Be the End: A Guide for Operations Managers (4 Recommendations)
-Article co-created with Gloria Martinez from WomenLed.Org
When it comes to industrial operations, you can always be more careful. As an Operations Manager, you’ve put in the work right from the start: creating an operations strategy, aligning teams, develop, implement, and maintain quality assurance protocols, measure efficiency and create strategies to improve it, optimise your budget... the list goes on. You may even be planning to move closer to your main plant, or create camping sites in each facility you manage to keep track of everything!
Now you’ve got to get through one more hurdle: handling data security and system resilience. Why? Because manufacturing businesses are, unfortunately, especially susceptible to cyberattacks, and they’re also the ones most likely to suffer setbacks. In a Deloitte study, titled Manufacturers Alliance for Productivity and Innovation, 40% of manufacturing firms experienced a cyberattack in the last year. Out of those, 38% lost over US$1 million in damages.
Another interesting fact... according to Cybercrime Magazine, 60% of small businesses that experience an attack of this nature close their doors for good within six months of the incident.
You’ve gotten this far down the operations management journey, so don’t let this become a reality for your business! Read on for some words of comfort from Polestar Industrial IT in your journey towards a more secure data environment for your manufacturing business.
4 Recommendations to Prevent and Manage Data Breaches and Cyberattacks
1. People: The weakest link
It’s an accepted truth in Cybersecurity that people are the most vulnerable link of an organisation. People are gullible, and this means one of two things: either you need to invest in training all people in your organisation who are at risk of exposing your network, or you automate your network security.
A combination of both is most recommended. Invest in Cybersecurity training and phishing awareness so that even your most internet-disconnected employees will know how to spot a phishing scam. You may also be susceptible to an attack from a former (disgruntled) employee. You quickly need to determine how to lock down your systems to outside attackers, including investing in identity and access management tools so you can remove unauthorised access from all systems.
2. Invest in networking and endpoint protection tools
Even if your people are the best at reporting phishing attempts and are skilled at spotting social engineering, hackers may still get into your system through brute-force style attacks on the network. You should make sure your security posture is as robust as possible; invest in technology that can keep you safe (like Secure-by-Design Networks, NGFW firewalls, Secure Remote Access Platforms, and Antivirus Software).
3. Have a Disaster Recovery Plan in place
One of the biggest and most important ways to ensure the continuity of your operations after a data breach is to have a disaster recovery (DR) strategy in place. If you’re hit with a cyberattack, you will want to recover your data and return to full operational capacity as quickly as possible, so before it happens, creating (and testing!) a plan is critical. Just make sure it’s affordable, secure, flexible, and easy to implement (and that you test it on a regular basis - if you don’t test the emergency plan, it’s useless).
4. In the event of an attack…
If you have Cybersecurity Policies and Training in place, a Secure-by-Design Network, Cybersecurity systems in place, and a Disaster Recovery strategy, the fallout from any potential data breach will be exponentially lessened. But you will still have a small percentage of probability of being subject to a cyberattack. Intruders are in constant evolution. In the event of an actual incident in which your information is accessed or stolen, Security Magazine suggests proceeding as it follows:
● Assess the impact of the attack and what is affected
● Don’t act immediately. Think before you react
● Don’t shut off the impacted computers
● Disclose the attack to your users
Another suggestion from Polestar... contact experts on cyberattack Management and Remediation, even before you access your data backups. Post-event steps include also the promulgation within the organisation of all learned lessons.
Management’s response can either contain or escalate an incident. In fact, a poor response can create a larger crisis. Active and coordinated responses to incidents limit lost time, resources, customers, damage to reputation and the costs of recovery. Operation Managers, IT Directors and Security Architects must be prepared to communicate, across all channels, including social media, assuring stakeholders that the organisation’s response is of equal impact to the attack.
The most important thing to remember is that your business can recover, but it’s going to take time. Investing in establishing policies and implementing tools that can stop-mitigate cyberattacks before they happen is the best way to reduce risks and prevent such situations. A resilient organisation aims to minimise the impact of an incident while quickly restoring operations, credibility, and security.
Rapid detection of cyber incidents and well-structured recovery plans can usually limit the damage. Recovery plans should designate clear roles, responsibilities, and actions to mitigate damage and reduce future risk, remediate the situation, and return to normal operations.