CSCMP's Supply Chain Quarterly
December 12, 2018
Forward Thinking

Now more than ever, manufacturing needs to guard against cybersecurity threats

A report from Deloitte and MAPI argues that the fast pace of technology implementation is making manufacturing particularly vulnerable to cyberattacks.

Is improving cybersecurity at the top of your New Year's resolution list? Perhaps it should be.

According to "Cyber Risks in Advanced Manufacturing," a report from the consulting firm Deloitte and the industry association Manufacturers Alliance for Productivity and Innovation (MAPI), 39 percent of manufacturers that responded to a survey had experienced a cybersecurity breach in the past year. Additionally, nearly half of surveyed executives acknowledged that they were not fully confident that their organization's assets were protected from external threats.

The report, which is based on 35 interviews with industry executives and 225 responses to an online survey, looks at the current state of cybersecurity among manufacturers, emerging risks, and leading strategies for addressing cybersecurity.

The report argues that manufacturers are particularly vulnerable to cybersecurity threats because they are implementing new and emerging technologies, such as sensors, "smart" products, analytics, and the Internet of Things, at a pace that has never previously been seen. These technologies will create many new and complex security risks that manufacturers have not dealt with before.

Some of the study's suggestions for improving cybersecurity include:

  • Create risk management strategies for enterprise systems and emerging technologies at the same time they are being deployed.
  • Build a "cyber risk" team that goes beyond simply having a chief information security officer.
  • Develop situational awareness and threat intelligence that identifies the top cyber risks to your organization and how you might be making yourself vulnerable to threats.
  • Create a strategy for handling cybersecurity breaches that will help the company return to "business as usual" as quickly as possible.
  • Implement monitoring mechanisms for high-risk networks, systems, and data that will alert you to abnormal activity.
  • Perform a risk assessment that focuses not just on your enterprise systems but also on your industrial control systems and connected products. It is preferable to have an outside expert perform this assessment to ensure you are receiving unbiased advice that takes advantage of current cybersecurity best practices.
  • Make sure that employees are aware of their responsibilities for helping to mitigate risks. This includes knowing how to guard against "phishing" (sending fraudulent emails that look like they are from reputable companies in an attempt to get the recipient to reveal personal information) and other forms of social engineering (using deception or manipulation to trick people into divulging confidential information), how to protect intellectual property and sensitive data, and how to report unusual activity or other areas of concern.

This well organized, 53-page report provides solid, clearly written advice that can be applied even to companies outside of manufacturing. Go to to download this and other MAPI reports.

Join the Discussion

After you comment, click Post. If you're not already logged in, you will be asked to log in or register.

Want more articles like this? Sign up for a free subscription to Supply Chain Executive Insight, a monthly e-newsletter that provides insights and commentary on supply chain trends and developments. Click here to subscribe.

We Want to Hear From You! We invite you to share your thoughts and opinions about this article by sending an e-mail to ?Subject=Letter to the Editor: Quarter : Now more than ever, manufacturing needs to guard against cybersecurity threats"> . We will publish selected readers' comments in future issues of CSCMP's Supply Chain Quarterly. Correspondence may be edited for clarity or for length.

Want more articles like this? Subscribe to CSCMP's Supply Chain Quarterly.