If you’re an IT pro in a manufacturing or production environment, you already have your hands full, keeping everything running smoothly. Rising cybersecurity threats bring even more challenges. With ransomware rampant—striking 36 percent of manufacturing and production organizations last year, according to Sophos’ The State of Ransomware in Manufacturing and Production 2021 report—odds are you’ll face an attack at some point.
And the consequences can be severe, with the Sophos report saying the average cost in downtime, people time, device and network costs, lost opportunity, and ransom that manufacturing and production organizations paid from having their data encrypted was $1.52 million!
There is no way to be absolutely certain that your data, operations, and applications are safe. Nearly half of respondents in the Sophos report said they expect to be hit by ransomware in the future. Here’s a breakdown of the reasons those surveyed cited for that expectation:
25% say gaps or weaknesses in cybersecurity measures leave them vulnerable.
27% are already experiencing an increase in attempted ransomware attacks.
28% feel they can’t stop their users from compromising their organization’s security.
34% base their expectation on the fact that others in manufacturing and production have been hit.
46% of those surveyed say getting hit is inevitable, which is probably not far off the mark, with 304.7 million ransomware attacks in the first half of 2021.
60% say ransomware attacks are getting harder to stop as they become ever more sophisticated.
With the deck stacked against you, what should you do to protect your manufacturing or production environment? Here are a few recommendations to get you started.
First, assume you will be hit. Block every avenue you can identify that might let attackers in. Require strong passwords, limit admin privileges, and use anti-virus software, email filters, firewalls, and other technologies to keep the bad guys out. And educate your employees to spot ransomware and other social engineering schemes.
Preparation is the key to recovery. We’ve put together an IT disaster recovery planning checklist that’s a good starting point for you. Once you develop your plan, test it regularly to ensure you can recover critical systems and applications quickly if ransomware strikes.
A key element of your disaster recovery plan is your backup strategy. With cybercriminals now frequently targeting backup data to prevent companies from recovering, putting backup best practices in place should be a top priority. We recommend the 3-2-1-1 backup rule:
Immutability—the key to ransomware recovery—is when your data is converted to a write-once, read many times format that can’t be altered. Unlike data encryption, there is no key, so there should be no way to “read” or reverse the immutability.
Every manufacturing and production environment is unique. From appliance-based solutions, like OneXafe, to cloud disaster recovery as a service (DRaaS), StorageCraft, an Arcserve company, has solutions that can help you sleep more soundly, knowing that when the expected occurs, you’re ready. To learn more, watch an on-demand demo or contact us.