Supplier Directory Subscribe
Advertisement
Advertisement
Home / Human Error: A Growing Cybersecurity Risk for Metalworkers

Human Error: A Growing Cybersecurity Risk for Metalworkers

How improved internal security practices and a focus on human error can help protect your business from cyberattacks.

Posted: October 20, 2022

Improve your business’s safety culture by setting high standards for how devices are used, managed, and monitored — and train your team to abide by those standards.
If you haven’t reviewed your IT equipment protocols recently, examine the physical security of your technology.
Advertisement
Advertisement
If you haven’t reviewed your IT equipment protocols recently, examine the physical security of your technology.

Since the onset of the pandemic, businesses across all industries have seen a significant increase in cyberattacks. In fact, a recent survey conducted by the Manufacturing Leadership Council found that, as of 2022, nearly 50% of surveyed manufacturers have been a victim or target of cyberattacks.

Most operations understand the implications of cyberattacks—and your IT department has likely put some safeguards in place. Regardless, attacks still happen. As an underwriter, I help evaluate risks, and I’ve found that the most significant vulnerabilities among manufacturers are often caused by individuals within — or with close relationships to — the organizations themselves. A recent study from IBM found that 95% of cybersecurity breaches can be traced back to human error.

Without greater awareness of their actions by employees, they may not follow best practices that could prevent physical or digital access to a device or account. One mistake could lead to a hacker finding their way into your network, encrypting your systems, and either halting production or demanding a ransom.

Phishing attempts and malicious software might be in the news, but don’t overlook unauthorized physical access to your devices. To help reduce such vulnerabilities, listed below are recommendations to help your team stay vigilant about protecting your metalworking operations from cyberattacks.

Keep a Close Eye on Equipment — and Who’s Using It

If you’re a small- to medium-sized manufacturer, you likely trust your employees with your business information and technology. However, many scenarios could lead to the unauthorized use of your equipment, including:

  • Open office doors and manufacturing bays
  • Devices that aren’t properly stored or locked away
  • Unsupervised visitors, including cleaning crews or maintenance personnel
  • Identity theft and fraudulent impersonation

Most breaches caused by human error can be avoided through common-sense security measures, such as:

  • Not letting third-party individuals (e.g. cleaners, network repair personnel) work on or near systems unsupervised
  • Locking laptops and other mobile devices when not in use
  • Enabling the session lock feature on operating systems to lock screens after several minutes of inactivity
  • Using privacy screens or positioning computer displays so information isn’t visible to people passing by
  • Properly disposing of old technology by electronically wiping any data-containing devices and physically destroying them
  • Requiring individual user accounts for each employee
  • Removing administrative privileges from employee accounts (unless they’re essential) to help prevent the installation of unauthorized software

If you haven’t reviewed your IT equipment protocols recently, examine the physical security of your technology. Identify which areas leave you most vulnerable and implement new practices to help protect your business.

Create a Reliable Team

According to guidance from MEP National Network and the National Institute of Standards and Technology (NIST), employees and third-party personnel are primary sources of security incidents. Because they’ve been given access to important business information and systems, they can easily cause harm — deliberately or unintentionally.

Conducting comprehensive background checks and cybersecurity training can make a significant difference in your efforts to minimize the risk of a breach. Before hiring a new employee:

  • Perform a complete, nationwide criminal background check and, if possible, a credit check on all prospective employees — especially if they’ll handle business funds.
  • Contact prospective employees’ professional references to verify the dates they worked for a company and other specifics to help ensure their honesty.
  • Call the schools they attended and verify their attendance and graduation. This is particularly important if their role has specific education requirements.

Comprehensive training can help mitigate the risk of human error. Train employees immediately after they’re hired — and at least annually after that so they understand IT security policies and their responsibility to protect your business’s information and technology.

Employee training should cover:  

  • How to recognize and react to phishing scams.
  • What they can and cannot use business devices for (e.g. checking personal email).
  • How to properly manage and store customer or business information.
  • What to do in case of an emergency or security incident.
  • Basic practices surrounding equipment — including physical storage and security.

Everyday conversations, meetings, or company newsletters can reinforce your team’s understanding of cybersecurity. Revise your technology policies and procedures annually — and when you make operational changes or introduce new devices.

Protecting your operation from cyberattacks starts from the inside out. Improve your business’s safety culture by setting high standards for how devices are used, managed, and monitored — and train your team to abide by those standards. Doing so can leave you less vulnerable to data breaches and costly downtime, so your business can operate seamlessly in a world of rapidly changing technology.

These recommendations are just a start. Be sure to talk with your insurer or a local cybersecurity expert to discuss in greater detail how to best protect your business.

www.sentry.com

Subscribe to learn the latest in manufacturing.

Subscribe to learn the latest in manufacturing.

Sara Hillery evaluates cybersecurity risks as an underwriter and product specialist for Sentry Insurance. Sara.Hillery@sentry.com

Industry News

Mechtron Innovations, Infinity Asset Solutions, May 22nd 2024, Perforated and Louver Type Muffler Tube Manufacturing, Advanced robotics systems and components, Precision engineering tools and machinery, Automation technologies and equipment, 200 Sheldon Drive, B.J. Winning, premier asset management and auction services provider
Infinity Asset Solutions Announces Upcoming Auction of Mechtron Innovations

Auction Date: May 22nd, 2024
Mercedes-Benz, Nucor Corp., Econiq-RE, steel or steel products, 100% renewable energy, net-zero greenhouse gas emissions, net carbon-neutral
Nucor Signs Agreement with Mercedes-Benz to Supply Econiq-RE

Econiq-RE certifies Nucor steel or steel products are made with 100% renewable energy.
Murata Machinery Ltd., Murata Machinery USA, Muratec, automation, machine tools, Toshiyuki Komori, automated turning and fabrication, logistics & material handling automation, clean factory automation
Murata Machinery USA Celebrates 50 Years of Automation in North America

Muratec has a rich history of innovation and leadership in North America, revolutionizing the automation landscape with groundbreaking solutions that are often the first of their kind, the only ones available, or the world’s fastest.
View All
Calendar & Events
Design-2-Part Show
April 24 - 25, 2024
Uncasville, CT
Automate
May 6 - 9, 2024
Chicago, IL
Design-2-Part Show
May 8 - 9, 2024
Schaumburg, IL
Design-2-Part Show
June 5 - 6, 2024
Denver, CO
International Manufacturing Technology Show (IMTS)
September 9 - 14, 2024
Chicago, IL
FABTECH 2024
October 15 - 17, 2024
Orlando, FL
Advertisement
Advertisement
Advertisement
103,128 Followers
11,184 Followers
3,040 Subscribers
Advertisement
Advertisement