What are the biggest cybersecurity threats manufacturers face? MxD has identified the Top 7 — equipment sabotage, insider threats, supply chain attacks, phishing, ransomware, data theft, and malware — and has suggested strategies to mitigate each.
In this sixth article in the series, we highlight data theft.
Data theft, also known as information theft, is a significant cybersecurity threat because its tentacles have such a wide reach.
The sensitive data that cyberthieves aim to steal or compromise is found throughout an organization’s many departments and ranges from intellectual property files to software code to passwords. It’s a lot to protect, plus criminals are getting better at finding it. Data breaches were up 70% across the globe in late 2022 compared to Q2, according to one study. Outlooks for this year warned of even more and increasingly sophisticated attacks.
Adding to the complexity is that when people think about data theft, they mainly think about data exfiltration, which describes the unauthorized transfer of information from a computer or other device.
But data exfiltration is just one type of data theft, notes Laura Élan, MxD’s senior director of cybersecurity.
“When we think of data theft, we have to expand our thinking about what it really means to steal something from an organization,” Élan added. “Data can be removed. It can be copied and disseminated. It can be destroyed or changed, often in a way not quickly recognizable to the organization. Thieves can even steal actual hardware, like a computer.”
To prevent data theft, an organization should first identify all of its critical assets, ensuring that nothing is overlooked, Élan said. A manufacturer, for example, would need to list its engineering, design, and intellectual property files; employee and salary data; usernames, passwords, and Wi-Fi credentials; and process and inventory data being collected in real-time on the factory floor.
This task usually starts with the business owner who has the 30,000-foot-view of the operation. Then, as companies turn to determining the consequences of that information being stolen or exposed, work moves to the individual departments that can dig deeper into how data theft would affect the organization.
Additional steps to take include:
- Control access to data. “Everybody wants to know everything,” Élan said. “But what’s the minimum amount of access I need to do my job? I work in cybersecurity; I do not need access to employee files.”
- Require employees to create strong passwords and update them often.
- Scan the network for malicious behavior. “Monitoring the network and the movement of data within the network is an important aspect of controlling data theft,” Élan said. “If you don’t have the appropriate controls in place, you may never know your data is gone or has been copied and shared.”
- Prohibit employees from bringing personal phones into areas where products are being designed and developed.
- Write software code in a sandbox environment with no external network connections.
- Encrypt all design and financial information traveling between one organization and another.
- Limit physical access to the factory to stop someone from picking up a computer and walking out the door. “People often think that putting something onto the network is the biggest security risk without realizing that something coming off the network can be just as much of a risk,” Élan said.
MxD’s Playbook for CMMC 2.0 Level features tips on how to control network access and limit physical access to the factory. It’s available for free download.
Top 7 Cybersecurity Threats Series:
Article #1: Equipment Sabotage
Article #2: Insider Threats
Article #3: Supply Chain Attacks
Article #4: Phishing Attacks
Article #5: Ransomware