Occasionally cyber-security incidents make the news, but most go unreported. The numbers are staggering. The US Department of Homeland Security says US critical infrastructure experienced a 20% increase in cyber incidents in 2015 from the year before. Manufacturing was the most commonly attacked sector, representing 33% of all critical infrastructure cyber-security incidents. Manufacturing sites were attacked twice as often as the second-most attacked industry, energy.
Security experts says the most common approach to security—the IT equivalent of a single door with a strong lock—is a terrible idea. As cyber-security expert Kevin Mahaffey explained at the 2016 CeBIT Security conference in Hannover, the fortress of protection approach is not secure. “Big walls on the outside and nothing on the inside” is how he described it. Unfortunately, this is how many companies approach data security. But once that initial password screen is breached, the whole of manufacturing IT is there for the snooping or taking.