Manufacturing Firms Learn Cybersecurity the Hard Way

Dark Reading

Although 61% of smart factories have experienced a cybersecurity incident, IT groups and operational technology groups still don't collaborate enough on security

Tracking Cybersecurity Threats in Manufacturing

Data Breach Today

With the rise of the industrial internet of things comes a far broader attack surface in the manufacturing sector. Chris Morales of Vectra outlines findings of a new report on cyberattack trends in the manufacturing sector

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity in manufacturing

OpenText Information Management

Not long ago, many manufacturing CIOs thought that cybersecurity was something only the financial sector had to worry about. Why would anyone want to hack a manufacturing plant? How times have changed – now, cybersecurity in manufacturing is definitely front and center. I … The post Cybersecurity in manufacturing appeared first on OpenText Blogs.

RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE

Security Affairs

Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang. RansomEXX ransomware gang hit the Taiwanese manufacturer and distributor of computer hardware GIGABYTE and claims to have stolen 112GB of data.

Medical Device Security: The Manufacturer's View

Data Breach Today

Michael McNeil of Philips on the Manufacturer's Role in Improving Device Cybersecurity Awareness of medical device security issues has grown dramatically over the past few years. But Michael McNeil of device manufacturer Philips argues that cybersecurity is still years behind where it should be, so stakeholders are playing catch-up

Cyberattack Hits Aircraft Parts Manufacturer

Dark Reading

Belgium's Asco has shut down manufacturing around the world, including the US, in response to a major cybersecurity event, but what happened isn't clear

Airplane manufacturer Bombardier has disclosed a security breach, data leaked online

Security Affairs

Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. “Bombardier announced today that it recently suffered a limited cybersecurity breach.”

FTC Nixes Cybersecurity as Point Against 'Right to Repair'

Data Breach Today

That could help propel the "right to repair" movement, which contends manufacturers use anticompetitive tactics to lock consumers and independent repairers out

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data.

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

Service providers and 5G-enabled device manufacturers both have critical roles to play in the success and sustainability of this wireless network rollout. Table of Contents What Are the Cybersecurity Risks of 5G? What Are the Cybersecurity Risks of 5G?

Bolstering the Cybersecurity of Medical Devices

Data Breach Today

As cybersecurity threats in the healthcare sector evolve, medical device manufacturer ICU Medical is taking a number of steps to help safeguard its products. Chaitanya Srinivasamurthy and Marshall Fryman of the company describe these security initiatives

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices. The U.S.

IoT 109

FDA Reveals Steps to Bolster Medical Device Cybersecurity

Data Breach Today

Playbook' Prepared; Data Sharing Efforts Planned In its ongoing quest to improve the state of medical device cybersecurity, the FDA has announced a number of key moves - including the release of a security "playbook," plans to leverage information sharing and analysis organizations and an effort to update its 2014 premarket guidance for manufacturers

The IoT Cybersecurity Act of 2020: Implications for Devices

eSecurity Planet

Last month’s passage of the IoT Cybersecurity Improvement Act of 2020 means all IoT devices used by government agencies will soon have to comply with strict NIST standards. Lastly, we touch on the political rationale of how the landmark IoT cybersecurity legislation came to be.

IoT 113

Top cybersecurity Predictions for 2020

Security Affairs

The 2020 Cybersecurity Landscape – Below Pierluigi Paganini’s cybersecurity predictions for the next twelve months. Here we are again for the annual prediction of the events that I believe will impact the cybersecurity landscape in the next year.

FDA Calls for 'Cybersecurity Bill of Materials' for Devices

Data Breach Today

Food and Drug Administration Releases Draft of Updated Pre-Market Guidance for Medical Devices Before marketing their medical devices, manufacturers should prepare a "cybersecurity bill of materials" that lists components that could be susceptible to vulnerabilities, according to a draft of updated FDA premarket guidance

SEC Continues Focus on Cybersecurity Disclosure Failures, Announces Settled Charges Against Pearson plc

Data Matters

2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. Cybersecurity Enforcement SEC

GUEST ESSAY: Remote workforce exposures exacerbate cybersecurity challenges in 2021

The Last Watchdog

One of the most concerning cybersecurity trends this year is closely connected to 2020. Many IT experts are warning that it won’t be long before hackers compromise several unprotected home networks simultaneously to manufacture a forceful and large-scale breach of vital services and systems. Businesses can use a Q1 cybersecurity hygiene house cleaning to defend against fileless attacks. As a result, cybersecurity trends have developed innovative ways to exploit these changes.

FDA's Kevin Fu on Threat Modeling for Medical Devices

Data Breach Today

More precise and pervasive cybersecurity threat modeling during manufacturers' development of medical devices - and also during the regulatory product review process - is critical for risk mitigation, says Kevin Fu, new acting director of medical device cybersecurity at the FDA

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

” Using threat intelligence feeds donated by dozens of cybersecurity companies, the CTC is poring over more than 100 million pieces of data about potential threats each day, running those indicators through security products from roughly 70 different vendors.

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

IoT devices are exposed to cybersecurity vulnerabilities. However, if you know where the dangers lurk, there is a way to minimize the cybersecurity risks. Here are five significant cybersecurity vulnerabilities with IoT in 2020. The Flaws in Manufacturing Process.

IoT 111

Third-Party IoT Vulnerabilities: We Need a Cybersecurity Paradigm Shift

Dark Reading

The only entities equipped to safeguard Internet of Things devices against risks are the IoT device manufacturers themselves

FDA Proposes Action to Enhance Medical Device Cybersecurity

Data Breach Today

Agency Seeks Congressional Authority to Require Makers to Take Certain Steps The FDA has issued plans for advancing the safety of medical devices, including a proposal to impose new cybersecurity requirements on manufacturers. Some experts say the FDA's plans are a good move, given the current device risk environment, but they warn that some proposals could prove difficult to achieve

New Guidance Published on Cybersecurity and Medical Devices

Data Matters

New European medical device guidance will require manufacturers to carefully review cybersecurity and IT security requirements in relation to their devices and in their product literature. In December 2019, the Medical Device Coordination Group (MDCG) published its guidance on cybersecurity for medical devices (the Guidance). The Guidance acknowledges that even though the Regulations impose legal obligations only on the manufacturer of the device, all other actors (e.g.,

ENISA Highlights AI Security Risks for Autonomous Cars

Data Breach Today

Automakers Should Employ Security-By-Design to Thwart Cyber Risks Autonomous vehicle manufacturers are advised to adopt security-by-design models to mitigate cybersecurity risks, as artificial intelligence is susceptible to evasion and poisoning attacks, says a new ENISA report

A CIO on Carrying the Burden of Medical Device Cybersecurity

Data Breach Today

A lack of standards spelling out to manufacturers their responsibilities for addressing the cybersecurity of their medical devices - especially legacy products - has left a big burden on the healthcare entities that use these devices, says Cletis Earle, CIO at Kaleida Health

NIST Updates Cybersecurity Framework

Data Matters

On April 17, the National Institute for Standards and Technology (NIST) released an updated version of its standard-setting Cybersecurity Framework. Commerce Secretary Wilbur Ross announced the new release with a statement saying the “Cybersecurity Framework should be every company’s first line of defense” and “adopting version 1.1 For example, the revised introduction notes that “similar to financial and reputational risks, cybersecurity risk affects a company’s bottom line.

Beer-Brewer Molson Coors Reports On-Going Cyber Incident

Data Breach Today

Multiple Systems Impacted, Including Production and Shipping Capabilities The Molson Coors Beverage Company reported Thursday it is in the process of countering a cybersecurity incident that has caused system outages throughout the brewer's manufacturing process.

Alerts: Vulnerabilities in 6 Medical Devices

Data Breach Today

DHS Warns of Security Issues in Devices from Baxter, BD and Biotronik Federal authorities are sounding the alarm about cybersecurity vulnerabilities in six medical devices from three manufacturers.

Olympus: 'Potential Cyber Incident' Disrupted EMEA System

Data Breach Today

Some Reports Suggest BlackMatter Was Attacker Olympus, a Japanese company that manufactures optics and reprography products, reports that a portion of its IT system in the EMEA region was affected by a "potential cybersecurity incident."

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

A cybersecurity issue can cause unexpected costs in several different areas, which is the cost of Dealing with an attack in 4 Industries? A cybersecurity issue can cause unexpected costs in several different areas. And, the costs go up if the health care facility does not have a cybersecurity response plan to use after an attack gets identified. Manufacturing. The manufacturing industry was not always known to embrace connected technology, but that’s changing.

Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

Security Affairs

The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to enhance the security and resilience of Singapore’s Critical Information Infrastructure (CII) sectors in delivering essential services.

Agreement on Proposal for Cybersecurity Act

Hunton Privacy

The European Commission (“Commission”), the European Parliament (“Parliament”) and the Council of the European Union reached an agreement earlier this month regarding changes to the Proposal for a Regulation on ENISA, the “EU Cybersecurity Agency”, and repealing Regulation (EU) 526/2013, and on Information and Communication Technology Cybersecurity Certification (the “Cybersecurity Act”). Cybersecurity certification framework.

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” In addition, the state is home to 16 nationally designated cybersecurity Centers of Excellence and a state university and college system that graduates more cyber-degreed engineers than any other state. According to Cybersecurity Ventures, there will be 3.5

How To Solve The Cybersecurity Skills Shortage

Cyber Info Veritas

We’ve all read and heard somewhere about the cybersecurity skills shortage. For me, this brings up the question of how to solve the cybersecurity skills shortage. Solving the cybersecurity skills shortage should be no different. Changing the framework These are the ways that I’m proposing here on how we can close the gap on this cybersecurity skills shortage, which worked for me. There wouldn’t be a cybersecurity specialist without understanding these IT basics.

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”).

Presidential Cybersecurity and Pelotons

Schneier on Security

As president, Biden can direct substantial resources to solving his cybersecurity problems. That is the real cybersecurity issue. Regulations that force manufacturers to provide better security for all of us are the only way to do that.

Beer Brewer Molson Coors Reports Ongoing Cyber Incident

Data Breach Today

says it's in the process of responding to a cybersecurity incident that has caused system outages throughout the brewer's manufacturing process. Multiple Systems Impacted, Including Production and Shipping Capabilities The Molson Coors Beverage Co.

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Security Affairs

Most of the attacks have been reported in July, the organizations hit by the ransomware gang operate in professional services, construction, manufacturing, retail, and food industries. The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0

Analysis: Self-Driving Tractors at Risk of Being Hacked

Data Breach Today

This edition of the ISMG Security Report offers an analysis of how tractors manufactured by John Deere are at risk of being hacked.