It’s critical for the security of your manufacturing business to keep your hardware and software up to date with security patches. However, frequent patching (or “updating”) can slow down your servers, cause headaches, and create high maintenance costs.
Unfortunately, your factory’s security is only as good as the one device or piece of software that fails to update. Hackers love to exploit loopholes with automated bots that crawl for backdoors into business networks. Some of the most substantial and damaging data breaches were only possible because someone failed to update their software.
In the past, manufacturers relied solely on their IT department to handle cybersecurity threats. Today, the overlap between OT (operational technology) and IT (information technology) has complicated how we handle vulnerabilities in the plant. Nowadays, you must make patch management a part of your OT plan.
Many manufacturers remain reluctant to develop and utilize a well-planned OT patch management strategy. Unfortunately, these stubborn industrial players have been victims of the worst cyberattacks. One example is the 2017 ransomware attack that cost Merck more than $600 million.
Don’t ignore patching just because it’s a speed bump in your production or processes. This would put you at significant risk and could ultimately cost you your business.
Educate key stakeholders about your security patching plan by including it in your overall lifecycle management process. By raising awareness and gaining buy-in, you’ll enable a more strategic and sound patching plan.
Vulnerabilities are constantly being discovered in software. It’s kind of like the history of science: what is accepted as fact is later proven false. Hackers are consistently surprising software developers and security experts.
Therefore, it’s important to build systems that can be quickly patched.
Yes, patching can slow your servers periodically and may even temporarily bring systems down. This is why most operators schedule updates after hours. But if you’re a “lights out” manufacturer, you may not have that luxury.
It can be even trickier with IoT-integrated factories, which usually require operators to manually download and install patches. If you’re manufacturing embedded systems, it’s a whole other ball game.
More examples: In 2015, Chrysler recalled 1.4 million vehicles to patch a security vulnerability. In 2017, Abbott Labs had to send 465,000 pacemaker patients to a clinic for a security update.
Utilize a patch management strategy to schedule how often you install updates and ensure the most efficient server performance. With a connected factory, it will be much easier to pinpoint timing around when you should run updates.
There will inevitably be some strain on your servers, but with a calculated approach, you can minimize downtime and maximize security.
Here are a few tips for your patch management strategy:
Unfortunately, in specialized industries such as manufacturing, many are hesitant to install patches. Some forgo it altogether, in fear of poor testing and subsequent problems. If it’s not broken, don’t fix it, right? Wrong. When it comes to tech, you have to stay ahead of the hackers, essentially playing a game of security chess.
You risk much more by refusing to patch than by installing a potentially buggy update. Besides, these days the big vendors, from Microsoft to Cisco, are extremely thorough about testing before releasing patches. Issues with updates have become much less common than in the past.
So how secure are your most trusted systems? Unless you have a security expert constantly researching and evaluating all software and equipment… then your systems are probably not very secure.
Even with expert help, there is always another new vulnerability discovered.
Your best bet? Keep patching.