The weak spot in security systems? It's people! Every day, 6.4 trillion fake emails are sent worldwide, every second of which is successful. These mails are almost indistinguishable from official mails, loaded with virus-infected attachments, dangerous links and misleading information. But despite all the talk about industrial security and cyber security are on everyone's lips, people often react the wrong way.
Digitalization has revolutionized the world. It has changed the way we search for products, how we pay for them and how they are delivered to us. And it is changing industry. And it is also changing the face of industry, as processes are automated, products are becoming intelligent, machines turned into interconnected "whiz kids", and vast amounts of data transferred back and forth.
Anyone who is dependent on data is vulnerable to attacks. And without an IT security strategy, companies run the risk of incurring financial damage and production downtimes. It is estimated that cybercrime will lead to immense damage by 2023. In the automotive industry alone, lost sales worldwide will amount to 505 billion US dollars.
80 % of all cyberattacks are aimed at human vulnerability
Whenever the topic involves industrial security, terms like network security, data security, plant security and machine security are quickly brought up. Current studies however indicate that the real source of danger isn't technical or mechanical in nature, but human. Did you know that more than 80% of all cyberattacks are targeted at human vulnerability and are often successful as a result?
"Illegal knowledge transfer, technology theft, social engineering and even economic sabotage are not rare, isolated cases, but actually a mass phenomenon," says Thomas Haldenwang, Vice President of the Federal Office for the Protection of the Constitution.
Damage prevention by giving in-house security courses
This may sound disturbing at first, but it's actually good news, since it is an easy task to train employees - for example, by providing them with clear guidelines and rules of conduct. Training can help promote awareness of the various types of attacks, helping employees act safely and sensibly.
Would you know what to do if you found a USB thumb drive in the restroom? What happens if you received an e-mail from your manager asking for your access data? Can you be sure the e-mail actually came from him or her? In order to minimize the risk of attack at your company, the first thing you need to do is to implement IT security training.
Danger has many faces
But what to do about external attackers? They often use existing vulnerabilities to invade systems or disrupt processes. In order to deny them access, those vulnerabilities must be detected and repaired - preferably before the attacker discovers them. Industrial security is not a physical quantity, but rather a moving target. Measures to combat cyber threats therefore need to be constantly updated. And companies have no choice but to deal with this on a regular basis.
How to optimize data security at your company
There are several ways to implement security measures, not all of which require a huge investment:
This security strategy makes life difficult for intruders by creating new and constantly changing obstacles. The trick is to create the highest possible number of obstacles on as many levels as possible.
2. Zones and conduits
Zones where devices with similar security requirements are located need to be sealed off from each other by means of firewalls or secure routers. That way, only devices that are truly authorized can send and receive data via the lines between the zones.
Although routers and switches have features that support security mechanisms, it is advisable to add firewalls to the mix.
4. Patch management
Software updates that have been poorly installed or entirely ignored represent a gateway for attackers, computer viruses and other malware. In programming, a "patch" refers to software that has been developed to update, optimize, or troubleshoot a computer program and/or its supporting data. That way, for example, you can close a security gap in an existing software application on your system. Take advantage of patch management to keep your software secure (including third-party software like office applications, PDF readers, etc.)
Specialists are available to address industrial security issues in major plant environments. At the next HANNOVER MESSE you can meet the experts from companies like Atos, Cisco, Siemens or Pilz.
Data Poisoning in AI Models
Data, Cyber and Open Source
Cyber innovations for the energy system
Finally experience live again: Touch products, meet people, experience the trade fair.
You can't travel this year? Watching lectures online, chatting and contacting exhibitors is also possible digitally.
Time was too short again? Just look digitally further, contact more exhibitors, find products.
Interested in news about exhibitors, top offers and trends in the industry?
Your web browser is outdated. Update your browser for more security, speed and optimal presentation of this page.Update Browser