search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
PC-FEB22-PG11.1_Layout 1 09/02/2022 15:05 Page 11


COMMUNICATIONS & NETWORKING ADOPT A ‘SECURITY-FIRST’ APPROACH


(ICS), how and where your sensitive data is stored, the vulnerabilities of your supply chain and who has access to your system. You should also look carefully at what systems control or are linked to physical processes and what may happen if they get disrupted. Once you know what the risks are, you can begin to develop ways to mitigate or remove these risks. ‘Hardening’ your systems will help to reduce the risk of cyber threats to your business. This includes: • The installation of firewalls


• The creation of processes to install patches • The installation of real-time intrusion detection or threat intelligence • Encryption


• Access and identity management (physical and digital)


• Regular back-ups


Claire Price of QMS International looks at cyber security risks and explains how manufacturers and engineers can keep their systems safe


embracing the benefits of digital transformation, giving rise to the fourth industrial revolution, or Industry 4.0. By introducing ‘smart’ manufacturing, factories and warehouses into their operations, businesses are gaining unparalleled visibility and control over their supply chains, machinery and facilities. With real-time data collected across the business and supply chain, businesses can better understand their operations and analyse and improve performance and maintenance. But this new inter-connectedness and use of ‘big data’ opens manufacturing and engineering businesses up to novel threats when it comes to cyber security. Smart manufacturers and engineers are vulnerable to malware, denial of service, device hacking and exploitation. This could result in the loss of intellectual data, a damaging amount of downtime, product sabotage and even threats to health & safety if equipment is hacked and control lost. With the new emphasis on the transparent


W


flow of data, factory floors and equipment can no longer work in isolation, cut off from the main network. Now, everything is linked, and more people and systems have access to that network, opening up multiple gateways to cyber criminals. Mobile devices are also becoming more common, which can be difficult to protect and keep on top of security updates. In 2016, nearly half of manufacturers


e’re living in a digital age and manufacturers and engineering companies across the globe are


in the Deloitte-MAPI survey were saying that they were using mobile apps for connected products, a figure that is likely to have grown. Digital transformations are also often done piecemeal, meaning that old systems exist alongside the new with varying levels of security and vulnerability. Combined with the slow installation of upgrades or patches across a network, this creates another challenge for businesses – and another opportunity for criminals.


It is not therefore surprising that the UK manufacturing sector was the victim of 29% of all cyber-attacks recorded by the NTT’s 2020 Global Threat Intelligence Report. Going forward, the manufacturing and engineering sectors need to adopt a more holistic approach which integrates cyber security into every aspect of their business, creating a culture of security.


Key considerations when thinking about cyber security for Industry 4.0 include: • How you can ensure the integrity of your systems and information


• The protection of sensitive information throughout the data life cycle


• The recovery process of critical systems and how to minimise the effects of an incident To protect your smart network from cyber criminals, you must first identify possible risks and their likelihood of occurring. A comprehensive risk assessment must therefore be carried out which must consider your organisation, its suppliers and its technology. You will need to assess how secure your industrial control systems are


• The segmentation of systems You can also increase your organisation’s resilience by coming up with a disaster recovery plan or business continuity plan, which will help you to deal with an incident and detail the steps needed to return to normal. Ongoing vigilance is key and should be undertaken by both your workers and your technology. Monitoring of your networks, personnel and the environment should be continuous so that you can pick up on threats as quickly as possible.


To aid vigilance, your workers need to be trained. Cyber security awareness training should be carried out regularly. You should also seek to ensure that your suppliers or any other organisations connected to your systems commit to regular audits and the installation of software patches when they are available. To create a security-first approach that integrates information security throughout your organisation, you may want to implement an information security management system, such as ISO 27001, which includes processes for physical, digital and legal risks.


ISO 27001’s 114 controls have been developed to help you implement best-practice processes when it comes to integrating security into your personnel, leadership and digital and physical assets. These processes include access control, operations security, system acquisition and maintenance, supplier relationships and incident management, giving you the framework you need to build a true culture of security within your manufacturing or engineering business. The Standard can also be extended with additional codes of practice to tailor it to your organisation’s needs. ISO 27017, for instance, covers information security for cloud services, while ISO 27018 tackles the protection of personally identifiable information kept in a cloud.


QMS International www.qmsuk.com


FEBRUARY 2022 | PROCESS & CONTROL 11


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66