Comment les entreprises industrielles peuvent-elles assurer la cybersécurité de leur supply chain ?
Dans le secteur industriel, la production d’une entreprise dépend fortement du succès de sa chaîne d’approvisionnement (supply chain). De nombreux éléments tels que les matières premières ou les matériaux nécessaires à ladite production sont essentiels pour obtenir un produit fini. Mais à l’ère de la numérisation croissante de nos industries, la cybersécurité de la chaîne d’approvisionnement est devenue un défi majeur. Tour d’horizon des solutions.
Hackers have identified supply chains as effective targets for attacks
Hackers usually don’t break in, they simply log on to the network with stolen credentials. Many business leaders are unaware of how easy it still is for many attackers to obtain user credentials. This allows cybercriminals to log on to the network undisturbed and, from this secure environment, bypass most defenses to successfully attack the network, steal data or extort companies.
According to the Verizon Data Breach Incident Report, credentials are the most sought-after data category in security breaches, accounting for more than 60 percent.
Smart contracts make your supply chain more effective, secure and faster
Smart contracts are computer programs deployed on a blockchain that do not run on a central server, but on different nodes on the computers of the partner companies. Smart contracts can process delivery transactions, make payments and track products in an automated, secure and fully transparent way. At the same time, this technology prevents the counterfeiting of products, as the origin of all components can be completely verified through the blockchain and the smart contracts it contains. Smart contracts are already in use today and you’ll be able to benefit from them wherever you have concluded any contracts.
In the future, the cloud will also reliably protect you from attacks by hackers and malware: Secure Access Service Edge
In October 2021, Gartner predicted that as early as 2024, the financial aftermath costs of security vulnerabilities could be reduced by 90% through the adoption of security meshes. As defined by Gartner in 2019, Secure Access Service Edge (SASE) connects and secures all enterprise elements – branch offices, data centers, remote users, IaaS and SaaS resources. How does this benefit you exactly?
Traditional security architectures can no longer keep up with the demands for security, speed and stability. This is already true today and will be even more dramatic in the future. These traditional security structures are too cumbersome because they are designed to store data in local data centers and cannot cope with the demands of the cloud.
This is where SASE, a modern security concept for network infrastructures where one service provider takes care of all the security services and functions of a cloud network, has emerged. The modular network provides an entry point for users who, after successful access, can use the various cloud services protected by the SASE service.
The trend is clear: an increasing number of companies are using cloud services in different locations. With a wide range of cloud workloads and the associated data in the cloud, the requirement for security is also increasing. After all, you want to ensure that only users who are authorized to access your data can do so.
In this case, of course, it is very important that the security functions centered on data are located as close as possible to the users, so that the path to the Internet and the SASE provider is as short and fast as possible. After all, your users should not only be able to work securely, but also effectively, no matter where they are. SASE is optimized for the international operation of numerous cloud solutions. In a SASE, the software stack performs all network functions. This includes global route optimization, dynamic path selection, traffic optimization and end-to-end encryption, as well as inspection and enforcement functions. The technology is fit for the demands of the future.
Access to cloud services can be optimally secured and accelerated as a result. You and your mobile users are reliably protected against threats on all devices by connecting all users to one of the cloud’s numerous connection points via the shortest possible path. Connectivity to all enterprise data, on premises and in the cloud, can be managed consistently with enterprise policies. SASE not only protects the cloud, but also its data center, at least while it still exists.
The security engines in a SASE include a next-generation firewall (NGFW), a secure web gateway (SWG) with URL filtering, a next-generation anti-malware service and an intrusion prevention system (IPS). The security engines form the foundation of a comprehensive managed threat detection and response (MDR) service. They are scalable and can handle all encrypted as well as unencrypted traffic without requiring customers to patch or upgrade devices and solutions.
Without reliable protection from the cloud, you will sooner or later fall victim to a ransomware attack
If organizations don’t modernize, they will be much more unprotected than organizations that are already addressing tomorrow’s security needs.
In 2021, ransomware attacks increased by 93%, according to the Cyber Attack 2021 Mid Year Report. Added to this is Bitkom’s representative study from 2021 which states that German economy have incurred damages of 220 billion euros in 2020. That is double the damage from 2019. The number of new malware variants alone increased by around 117.4 million in 2020. That’s just under 320,000 new malware programs per day. Compared to the previous year, the increase is once again more than a third. Bitkom surveyed more than 1,000 companies on this issue. Nine out of ten companies have been the victim of an attack, compared to 75 percent in the previous year.
The question is no longer whether a network will be attacked by ransomware or not, but how to protect against it. With ransomware, the focus is not only on the data in the network, but also specifically on the backup media to prevent the restore and also compromise the data in backup.
With Air Gap, the backup data is physically separated from the other data, in the cloud, for example. Of course, this does not guarantee complete protection, but in any case more protection than backing up data on external hard drives or on the same network. In addition, backup data should be stored using the WORM approach if possible, i.e. « Write Once Read Many ». This ensures that ransomware cannot encrypt the backup data even if an attacker manages to access the backup data despite the Air Gap.
Asset tracking optimizes processes in production and logistics
Asset tracking is one of the most important technologies in the transformation to Industry 4.0. With IoT technology, assets can be identified, located and tracked via sensors and tags. This improves transparency and accelerates processes in production and logistics. With asset tracking, companies can monitor and document the delivery and production route of assets and thus include them in process planning. The exact location, status, and other information of assets can be tracked and logged. At the same time, this data can be used for process automation and optimization, supported by artificial intelligence. Asset tracking also enables the precise resource location of operating materials.
Asset tracking can also prevent failures and downtime in production and logistics. Research has shown that average manufacturing companies suffer up to 800 hours of downtime per year. In auto production, a one-minute downtime translates into up to $22,000 in additional costs.
Ultra-wideband (UWB) technology represents the next generation of asset tracking. UWB is capable of fast and stable data transmissions that also integrate accurate positioning. When using asset tracking, companies should make sure to use a solution that is as universal as possible, that can be used flexibly and can adapt to changes in production and logistics processes. Cloud-based IoT solutions help to capture data in real time and also forward this data to the systems that need it.
A lire aussi
- Cyber sécurité industrielle
- Sécurité et stabilité du cyberespace
- Cyber criminalité
- Souveraineté numérique
- Identité numérique & KYC
- Lutte anti-fraude
- Sécurité opérationnelle
- Cyber risques
- Transformation numérique