Strong risk management is critical in the Industry 4.0 fight against cybercrime.  

The ability to automate traditional manufacturing and industrial processes, supported by data sensors and powerful analytics, has seen the Industry 4.0 trend turbocharge the growth of many companies. By allowing for greater connectivity between machines and facilities, it has accelerated supply chains, driven significant efficiencies, improved the flexibility and agility of businesses, and facilitated a much better customer experience.  

All of this has contributed to the explosion of the internet of things (IoT). Analyst firm Gartner predicts there are now approximately 30 billion devices in the world and, according to research by IndustryARC, the global Industry 4.0 market specifically is expected to reach $156.6 billion by 2024. This pace of change will continue to advance as companies seek to stay competitive and maximise the quality of their products and services.  

“Industry 4.0 has transformed the way many businesses operate,” says Andrew Bryson, operations senior vice president at FM Global, one of the world’s largest commercial and industrial property insurers. “An…

Read More…

BlackBerry researchers are tracking what they believe to be a mercenary cyberespionage group whose campaign they’re calling “CostaRicto.” BlackBerry doesn’t speculate about who CostaRicto’s paymasters might be, but they offer four reasons for thinking it a mercenary operation. It uses bespoke malware; it shows systematic, continual development; it may share some network infrastructure with APT28 (Fancy Bear, Russia’s GRU), and its highly diversified target list suggests more than one customer.

Dragos finds that industrial control systems (ICS) are increasingly being subjected to the attentions of cyber threat actors. The researchers are following five distinct threat groups:

• CHRYSENE (APT34 or Helix Kitten) targets the petrochemical, oil and gas, manufacturing, and electric generation sectors. It’s expanded its interests beyond the Persian Gulf.
• MAGNALLIUM (APT33 or Elfin) is active against the energy and aerospace sectors, including their supporting sectors.
• PARISITE (Fox Kitten or Pioneer Kitten) works against electric utilities, aerospace, manufacturing, oil and gas entities, and governmental and non-governmental organizations.
• WASSONITE, associated with the Lazarus…

Read More…

80% of organizations experienced a cybersecurity breach that originated from vulnerabilities in their vendor ecosystem in the past 12 months, and the average organization had been breached in this way 2.7 times, according to a BlueVoyant survey.

The research also found organizations are experiencing multiple pain points across their cyber risk management program as they aim to mitigate risk across a network that typically encompasses 1409 vendors.

The study was conducted by Opinion Matters and recorded the views and experiences of 1505 CIOs, CISOs and Chief Procurement Officers in organizations with more than 1000 employees across a range of vertical sectors including business and professional services, financial services, healthcare and pharmaceutical, manufacturing, utilities and energy. It covered five countries: USA, UK, Mexico, Switzerland and Singapore.

Third-party cyber risk budgets and other key findings

• 29% say they have no way of knowing if cyber risk emerges in a third-party vendor
• 22.5% monitor their entire supply chain
• 32% only re-assess and report their vendor’s cyber risk position either six-monthly or less frequently
• The average headcount in…

Read More…

Employees who specialize in demanding and dangerous lines of work—manufacturing, construction, handling cargo, and other hazardous environments—face the constant threat of physical risk.  

In these roles, on-the-job “hard skills” training can be costly and dangerous. But organizations increasingly see how virtual reality solutions can help them provide invaluable hands-on training safely, efficiently, and economically.  

Far from being used primarily for gaming and entertainment, VR is growing rapidly as an enterprise tool. By PwC’s estimate,…

Read More…

For critical infrastructure organizations and operators to prevent a catastrophic event, they must first understand the risks facing cyber-physical systems

Photo courtesy of Nozomi Networks

Read More…

Read More…

The need to address the threat posed by malicious actors exploiting the internet of things (IoT) to attack critical industrial infrastructure is becoming an increasingly urgent one, according to the Foresight review of cyber security for the Industrial IoT report published by charitable organisation the Lloyd’s Register Foundation.

The report dives into the inherent risks surrounding the industrial IoT as it becomes a core part of network infrastructures across multiple critical sectors, such as energy, transport, the built environment, physical infrastructure and manufacturing, noting that the IoT exacerbates many of the security challenges that have existed for a long time.

“Over the past few years, we have seen a rise in deliberate attacks aimed at critical infrastructures across the globe. As adoption of IoT in the industrial sector continues to grow, clear action and guidance is needed,” said Robert Hannigan, report co-author and international executive chairman at BlueVoyant, a New York-based managed security services provider (MSSP).

“Our report frames the context of [the] industrial IoT, the imminent problems facing key infrastructure as they…

Read More…

The Internet of Things (IoT) and Industrial IoT (IIoT) are beginning to see some real momentum, particularly in industries such as manufacturing, healthcare, and retail. More and more devices, equipment, vehicles, buildings, and other objects are being equipped with sensors and connected, enabling the sharing of data that provides useful insights for businesses.

Security has always been a concern with IoT, and that has not gone away as more organizations launch projects. In fact, security issues are likely to become even more complex as businesses work with partners throughout their supply chains in efforts to create “smarter” environments and more efficient processes.

A new report from research firm Ponemon Institute and the Shared Assessments Program, a group of risk management authorities, emphasizes the “acute need for IoT risk management improvement, as most organizations do not know what tracking and safeguards their third parties have in place.”

The study, “Third Party Internet of Things Risk Management,” said current IoT risk management programs are not keeping pace with the dramatic increase in IoT-related risks. This is a shortcoming that represents a clear…

Read More…

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm’s Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi …

Read More…

With over 30 Speakers, this virtual conference presents the wide variety of arenas in which Decision Science is increasingly being adopted, including energy, sustainability, education, government, manufacturing, and health care.

Through a combination of presentations, panel discussions, and interactive sessions, attendees will gain a rich understanding of how to achieve better outcomes from both personal and professional decisions. https://cvent.me/WL7ABZ?RefId=RISKACADEMY_DAAGCONFERENCE

RISK-ACADEMY offers online courses

+ Buy now

+ Buy now

+ Buy now

Related