The Fourth Industrial Revolution is providing a world of opportunities for UK manufacturing and engineering (M&E) businesses. In particular, the increased use of automation and computer-controlled manufacturing techniques means that IT systems have evolved to become a mission-critical part of all M&E businesses.
Despite economic and political turbulence, UK M&E businesses are investing in the future, contributing almost 70% of total UK spend on research and development and maintaining our reputation as a global centre of manufacturing and engineering excellence.
But it’s never been more important for M&E businesses facing unique security challenges to protect themselves, their people, their intellectual property and other trade secrets from cybercriminals. Manufacturers with large, dispersed operations, MES systems, ERP software, hand-held RFID devices, and collaboration tools that lack security features, are vulnerable to hackers looking to extort businesses owning valuable brands, inventions or designs.
Research by Make UK, formerly EEF, shows that some firms are largely unaware of the threat and lack basic security measures. Its 2019 statistics show that 65% of its members had been attacked, with 27% suffering financial or other losses, while 33% do not train staff in even basic cybersecurity.
The most effective cybersecurity systems have multiple layers of protection – and a key defence as part of that mix that I believe is essential for all manufacturing and engineering businesses is Multi-Factor Authentication (MFA). When you log in to your online bank, enter your email or username and password, you’re then asked for another code – that’s MFA. It adds an extra security layer, or ‘factor’, on top of usernames and passwords which, as we know, are often not strong enough.
MFA provides a unique, time-limited code via a hand-held device, such as PINsentry from Barclays, that’s almost impossible for hackers to intercept. Even if the criminal has a stolen email address, username, and password, MFA keeps data safe. Here’s a quick checklist to get you started on MFA:
- If you haven’t already, make a list of everything you and your business accesses using an email address, username, and password
- Identify those systems or services that are cloud or web-based – as they are the ones most at risk of being hacked
- Check with the providers of these systems and services (or ask your IT support company) to see if MFA can be applied – and then do so immediately
- For those not MFA-enabled, review your current username and password policies, make sure they are securely stored, limit access to them and make them as strong as possible.
We would strongly recommend the Government-backed Cyber Essentials accreditation scheme for all M&E businesses. Cyber Essentials provides advice and guidance on security processes and measures that your business needs to keep your infrastructure safe from attacks. Cyber Essentials accreditation demonstrates achievement of a respected cybersecurity quality standard, providing peace of mind as well as adding weight and value to your offer.
If your current provider hasn’t mentioned MFA to you yet, then you should be a bit worried about that! We regard this kind of advice and guidance as part and parcel of our proactive support service that keeps our clients’ businesses as safe as possible and delivers reliable, smoothly-running IT.
If you’d like to find about more about MFA, or how we can help you with cybersecurity more generally, you can either leave us a message here, email them on firstname.lastname@example.org or speak to our friendly team on 03300 886116 or for an informal and confidential chat.