Advanced analytics and computer technology has made data one of the most valuable resources a company can have. Many manufacturers, as a result, are turning to smart factory tech, like industrial internet of things (IIoT) sensors, to collect massive stores of information on everything from machine operation to factory conditions. This data, processed by the right algorithms, can help companies optimize their production line, forecast demand and even see machine failure coming — allowing them to avoid costly downtime.
However, there is one significant downside to IoT tech. Despite major strides, IoT security remains challenging, and IoT devices can make factory networks much more vulnerable to cyberattacks.
Over the past few years, insurance companies have started offering policies that cover damages related to cyberattacks. This cyber liability coverage can protect high-tech manufacturers.
- How the Industrial IoT Creates New Security Vulnerabilities
Every internet-connected device on a network provides an extra access point for hackers and cybercriminals. This factor means that every time a manufacturer retrofits old equipment with IoT sensors — or implements a new machine with pre-installed IoT components — it will increase their network’s attack area.
All of these devices will also need to be monitored and regularly updated, making it harder for cybersecurity staff to protect the company network.
The variety of machines necessary for some industrial IoT applications can also be an issue. A successful predictive maintenance program, for example, may need ultrasonic sensors to listen for gas leaks, vibration sensors to track movement and temperature gauges that can alert staff to dangerous levels of heat. All this equipment may have different security needs or distinct vulnerabilities, increasing the labor needed to keep them secure.
IoT platforms are popular among manufacturers because coordinating a large IoT fleet is difficult. Many of these platforms can automate some of this security work, checking for new updates and segmenting the network. They often include safety features that make IoT security somewhat more manageable. However, even with one of these platforms, manufacturers that adopt smart tech still face significant vulnerabilities.
Many IoT devices and sensors are also manufactured by smaller companies with fewer resources to respond to major vulnerabilities as they’re discovered. Depending on which machines a manufacturer owns, they may not have access to a support line or technicians who can help information technology (IT) staff troubleshoot device security. If an IoT manufacturer goes out of business, there will also be no one updating the firmware protecting those tools.
- The Benefits and Risks of Industry 4.0 Tech
If a hacker compromises an IoT device, they might gain access to a company’s entire network. With this entry, they can cause serious damage by stealing important customer information or knocking critical business systems offline.
The average cost of a data breach is more than $1 million. Even major companies with extensive resources committed to defending their networks — like Marriott, Equifax and Facebook — have still been compromised due to poor security or persistent hackers.
Manufacturers can implement best practices to improve factory cybersecurity and reduce the risks of IoT. Even with adequate security measures, some level of vulnerability may be a fact of life for companies that adopt IIoT tech. However, there’s no other way to get the real-world benefits that IoT sensors can provide — like improved factory data and access to predictive maintenance strategies.
Businesses who want to adopt smart manufacturing tech will need to prepare for the risks. One option is cyber liability coverage.
- Cyber Liability Coverage Can Protect Manufacturers
Cyber liability coverage, or cyber insurance, depending on the provider, covers damages related to cyberattacks — like data breaches or network interruptions.
The damages the insurance will cover can vary from policy to policy. Typically, cyber liability insurance will encompass one or two broad categories of damages:
- First-party coverage: This policy pays for the expenses immediately incurred by a company after a breach. These costs can include downtime related to the attack, repairs to damaged hardware or software, expenses involved in notifying customers and marketing campaigns to protect the company’s reputation. Policies may also cover related fees, like an internal investigation of the breach cause or ransom paid to attackers.
- Third-party coverage: Third-party coverage pays for expenses related to lawsuits and legal claims. Fees from liability lawsuits, negligence claims and regulatory bodies will typically be covered by policies offering third-party coverage.
Policies that provide first-party coverage may also cover expenses related to customer damages — like the cost of complementary services rendered to individuals whose data was stolen during a breach. Some insurance policies may break down elements of these plans further and only cover certain expenses, like downtime, damage to equipment or cost of notifying consumers after a breach.
Some costs won’t receive coverage from any plans. Most policies, for example, won’t handle betterment costs — money spent hardening digital security following an attack. They also might not cover expenses that are typically managed by other policies, like those related to bodily damage, property loss and commercial fraud.
These plans are a relatively new offering from insurance companies. However, they have quickly become standard across firms that deal with sensitive customer information or have networks that are difficult to secure. A survey conducted by the Hanover Group found around 70% of all businesses have some form of cyber insurance. Many companies that need cyber coverage, however, still haven’t invested in it. Almost 90% of survey respondents also said they’d experienced a cyberattack within the past year.
- How Manufacturers Can Prepare for Cyberattacks
The IoT can offer serious benefits for manufacturers — like better data on factory conditions, improved forecasting ability and access to predictive maintenance approaches. However, the IoT’s nature means the technology also creates significant cybersecurity vulnerabilities.
Manufacturers can employ numerous security measures to protect their networks — like segmentation, data audits and staff security training. For additional protection, businesses should also consider insurance policies that cover cybersecurity damages. These policies are becoming a common offering from many insurers and can help companies handle expenses following a cyberattack.Authored By Megan R. Nichols. Megan is a manufacturing and technology writer who regularly contributes to IoT Times and Manufacturing Tomorrow. She also publishes easy to understand manufacturing articles on her personal blog, Schooled By Science, to encourage others to explore STEM topics.