世界經(jīng)濟論壇:2024構(gòu)建制造業(yè)中的網(wǎng)絡(luò)彈性文化白皮書(英文版)_第1頁
世界經(jīng)濟論壇:2024構(gòu)建制造業(yè)中的網(wǎng)絡(luò)彈性文化白皮書(英文版)_第2頁
世界經(jīng)濟論壇:2024構(gòu)建制造業(yè)中的網(wǎng)絡(luò)彈性文化白皮書(英文版)_第3頁
世界經(jīng)濟論壇:2024構(gòu)建制造業(yè)中的網(wǎng)絡(luò)彈性文化白皮書(英文版)_第4頁
世界經(jīng)濟論壇:2024構(gòu)建制造業(yè)中的網(wǎng)絡(luò)彈性文化白皮書(英文版)_第5頁
已閱讀5頁,還剩75頁未讀, 繼續(xù)免費閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進行舉報或認(rèn)領(lǐng)

文檔簡介

BuildingaCultureofCyberResilienceinManufacturing

WHITEPAPER

MAY2024

Images:Midjourney,GettyImages

Contents

Executivesummary3

1Prioritizingcyberresilienceinmanufacturing4

1.1Whycyberresilienceisvitalformanufacturing4

1.2Themaincyberrisksinmanufacturing7

1.3Theglobalimpactofcyberattacks9

2Towardsacyberresilientmanufacturingsector:10

Uncoveringthechallenges

2.1Divergentculturesandresources10

2.2Increasedconnectivityandlegacysystems11

2.3Operationalsensitivitytodowntimeandextended12

ecosystemdependencies

2.4Strategicalignmentwithbusinesspriorities12

2.5Widespreadandcomplexregulatorylandscape12

3Guidingprinciples15

3.1Makecyberresilienceabusinessimperative16

3.2Drivecyberresiliencebydesign22

3.3Engageandmanagetheecosystem28

Conclusion34

Contributors35

Methodology37

Endnotes38

Disclaimer

Thisdocumentispublishedbythe

WorldEconomicForumasacontributiontoaproject,insightareaorinteraction.

Thefindings,interpretationsand

conclusionsexpressedhereinarearesultofacollaborativeprocessfacilitatedand

endorsedbytheWorldEconomicForumbutwhoseresultsdonotnecessarily

representtheviewsoftheWorldEconomicForum,northeentiretyofitsMembers,

Partnersorotherstakeholders.

?2024WorldEconomicForum.Allrightsreserved.Nopartofthispublicationmaybereproducedortransmittedinanyformorbyanymeans,includingphotocopyingandrecording,orbyanyinformation

storageandretrievalsystem.

BuildingaCultureofCyberResilienceinManufacturing2

May2024

BuildingaCultureofCyberResilienceinManufacturing

Executivesummary

Themanufacturingsectoroperateswithina

complexecosystem,characterizedbyavariety

ofsites,extensivesupplychainsandinterlinkednetworks.Thisecosystemreliesonamultitudeofsuppliers,vendorsandpartners.

Overthepastdecade,manufacturinghasbeen

experiencingaswiftdigitaltransformation,which

isfuellinggrowth,efficiencyandprofitability.This

trendhasalsoexposedthesectortoawiderangeofcyberthreats,makingitthemosttargetedby

cyberattacks–overthepastthreeyears,the

manufacturingsectorhasaccountedforoneinfourofallcyberincidents.

Atthe2023AnnualMeetingoftheWorldEconomicForuminDavos,businessleadershighlighted

theneedtoaddresscybersecurityrisksfor

manufacturingattheecosystemlevel,thuskick-

startingtheCyberResilienceinManufacturing

initiative.LedbytheCentreforCybersecurity

andtheCentreforAdvancedManufacturingand

SupplyChainsattheForum,thisinitiativehas

broughttogethermorethan30representativesfromacrossthemanufacturingecosystem.Theaimistodevelopactionableguidanceonhowtodevelopacultureofcyberresilience.

Throughextensiveresearchandconsultations

withindustryleadersaswellasstandard-setting

andregulatorybodies,theCyberResiliencein

Manufacturinginitiativehaspreviouslyunderscoredthefiveprimarychallengesfordevelopingacultureofcyberresilienceinthemanufacturingecosystem.

Inresponsetothese,theinitiativehasalsoformulatedthreeguidingprinciplestosupportmanufacturing

andsupplychainleadersinestablishingapervasivestrategyfordevelopingacyberresilienceculture

throughouttheirorganizations:

1.Makecyberresilienceabusinesspriority:Embedcyberresilienceintheorganization’sDNAorfoundationalstructure,fromthe

leadershiptotheshopfloor.

2.Drivecyberresiliencebydesign:Integratecybersecurityintopeople,processesand

assets.

3.Engageandmanagetheecosystem:Buildtrustedpartnerships,managethird-partyrisksandraisesecurityawarenessbyidentifyingthekeystakeholders.

Thesethreeprinciplesareinterlinkedandmutually

supportive–andareapplicableacrossany

manufacturingindustryandlocation.Eachprincipleisdefinedwithadditionalguidance,contextualizedwithkeyconsiderationsandcomplementedwith

real-worldmanufacturingusecasestofacilitateadoptionandeffectiveimplementation.

Theplaybooksuggestedinthispaperservesas

apragmaticframeworktoenablebusinessesto

navigatestrategic,organizational,operational,

technicalandregulatorychallenges–andwill

fosterarobustcultureofcyberresiliencethatcan

effectivelycounteractbothcurrentandfuturethreats.

BuildingaCultureofCyberResilienceinManufacturing3

1

Prioritizingcyberresiliencein

manufacturing

Manufacturingisamongthesectorsmost

targetedbycyberattacks,withdisruptions

havingsevereimpactontheglobaleconomy.

1.1

Whycyberresilienceisvitalformanufacturing

Manufacturingisaglobalanddiversesectorthatisessentialtosocietyandtheglobaleconomy.Itspansvariousindustriessuchasconsumergoods,electronics,automotives,energy,healthcare,foodandbeverage,heavyindustry,andoilandgas.

Overthepastdecade,digitaltransformationhasacceleratedwithinthesector,withcontinuous

investmentsininnovationandemerging

technologiessuchasdigitaltwins,robotics,

generativeartificialintelligence(GenAI),cloud

computingandtheindustrialinternetofthings

(IIoT).1Whilethisprogressivedigitalizationfostersgrowth,efficiencyandprofitability,italsoconnectsindustrialandoperationaltechnologies(OT)tothedigitalworld,exposingthesectortocyberthreats.

Heightenedconnectivityofthemanufacturing

digitalecosystemtovariousenterprisesystems,theinternet,cloudprovidersandserviceproviderspresentssignificantchallengesintheindustrialOTenvironments.Thistransitionfromtraditionalair-gappedsystemstohyperconnectedenvironments

augmentscybersecurityrisks.Furthermore,

discrepanciesininvestmentsbetweenlow-andhigh-revenueorganizationsexacerbatethese

challenges.2Theboostindataexchangewiththeentiresupplychain,includingsmallandmediumenterprises(SMEs)thataretypicallylow-tech,hasincreasedthisrisk.

Theupsurgeinconnectivityanddatatransparencyinthemanufacturingecosystemhasexpanded

thesector’sexposure,makingit,forthreeyearsinarow,thesectormosttargetedbycyberattacks,accountingfor25.7%,3withransomware

comprising71%oftheseattacks.4Giventhe

complexityofmodernsupplychains,disruptions

alongthemanufacturingprocesscanhavesystem-widecascadingeffects,beyondthecontrolofanysingleentity.

Theinherentcomplexitiesofmanufacturingand

supplychainsdemandaholisticapproachto

mitigatingcyberrisks.Embeddingacultureofcyberresilienceintheorganization’sDNAisessential.

BuildingaCultureofCyberResilienceinManufacturing4

FIGURE1Themanufacturingecosystem

Upstreamsupplier

Inboundtransport

s

r

e

I

i

l

p

p

d

n

su

irectsup

Manufacturer

t

c

e

r

i

D

ie

l

p

s

r

Outboundtransport

Downstreamconsumer

BuildingaCultureofCyberResilienceinManufacturing5

i

e

p

p

Tr3suliers

Third-partylogistics

Sole-sourcedtier3

2

r

p

Tiesupliers

s

i

T

s

p

er1uplier

Single-sourcedtier2

Contract

manufactures

Vendors

Serviceproviders

Outboundtransport

Downstreamconsumer

Source:AdaptedfromGartner.

BuildingaCultureofCyberResilienceinManufacturing6

FIGURE2

Increasingcyberthreatsinmanufacturingrequireanevolutionofcyberresilience

2020s

Internetofthings,smart

andautonomoussystems,arti?cialintelligence,bigdata

Future

Arti?cialintelligenceandbeyond…

1999

Theglobeisconnected

bytheinternet

2010s

Cloudcomputing

DigitalconnectivityDigitalautomationandarti?cialintelligence

2015s

Increaseincyberattacks

2000s

Mobile?exibility

2020s

Industry4.0

Growthofcyberattacks

Cyberresiliencetimeline

InformationsecurityAntivirusprotectionofdataandsystems

Cybersecurity

Abilitytoprotectordefendtheuseofcyberspacefrom

cyberattacks

Cyberresilienceinmanufacturing…

…istheabilitytoanticipate,protectagainst,withstandandrecoverfromanycyber-relatedeventimpacting

manufacturingoperations

>

Source:SiemensandWorldEconomicForum

1.2

Themaincyberrisksinmanufacturing

Cyberattackscannotonlydisruptbusinesses

andsupplychains,offsettingthegainsfrom

digitalization,butalsoresultinfinancial,productivity,reputationalandevenphysicaldamage.Infact,

nearly57%ofcyberattacksonOTin2022hadreal-worldphysicalconsequences,includingproductionandloadingdisruptions,firesdamagingequipmentandaccidentsputtingshop-floorworkersatrisk.5

Thetallyofcyberattackscontinuestosurgeyearafteryear,withextortion-basedattacksremainingaprominenttype.6In2023,ransomwarepaymentsreachedanunprecedented$1.1billion.7Overthecourseof2023alone,thenumberofransomwareattacksonindustrialinfrastructuredoubled,

posingasignificantthreattosupplychainandmanufacturingoperations.

Ransomwareremainsthetop-of-mindconcernfor

manufacturerswith40%oftheCyberResiliencein

Manufacturingsurveyrespondents8rankingitfirst.

Accordingtorecentresearch,ransomwareattacks

onindustrialorganizationsincreasedbynearly50%in2023,with71%ofattacksdirectedatmanufacturers.9

Manufacturingorganizationspresentanattractivetargetforransomwareattacks,giventheirlow

tolerancefordowntimeandtheirrelativelylow

levelofcybermaturitycomparedtoothersectors.Furthermore,theseindustriesfrequentlyunderinvestincyberresilience,primarilyduetothesubstantialcostsassociatedwithredesigningmanufacturing

linesandupgradingequipment.10

Amongthesignificantrisksfacingmanufacturing

organizations,socialengineeringandphishing,

rankedasthesecondmostprominentcyberthreatsoverall,wereidentifiedby34%ofsurvey

respondents.Followingclosely,supplychain

attackssecuredthethirdposition.Insiderthreatsanddenialofserviceattacksrankedlowerintheoverallhierarchyofcyberthreatsforthesurvey

respondentsoverall.

However,respondentsfromthehealthand

healthcaresectorrankedinsiderthreatastheir

secondmostconcerningcyberthreat,alongsideransomware,withsupplychainattackstakingthetopspot.Similarly,participantsfromthefoodandbeverageindustryalsohighlightedinsiderthreatsasatopconcern,followedbysocialengineeringandransomware.

Toreapthebenefitsofdigitalization,itiscrucialfor

themanufacturingsectortobepreparedagainstthegrowingthreatlandscapeandbecomecyberresilient.

BuildingaCultureofCyberResilienceinManufacturing7

FIGURE3Topfivecyberriskstomanufacturing

1

>

Ransomware

Atypeofattackwherethreatactorstakecontrolofatarget’sassets,encryptthemanddemandaransominexchangefor

thereturnoftheasset’savailability.Attackerscanbreachintellectualproperty(IP)information,accessvictims’dataandblockcriticalsystemsbelongingtomanufacturersortheircriticalthirdparties,disruptingday-to-daybusinessactivities.

2

>

Socialengineeringattack

Exploitspeoplebybenefitingfromhumanerrororbehaviourtoaccessinformationorservices.Itusesmanipulationtotrickvictimsintogivingawaysensitiveinformation.Commonmethodsincludephishing,spear-phishingandothertacticslike

baitingandscareware.

3

>

Supplychainattack

Focusesontheinteractionsandconnectionsbetweenorganizationsandtheirsuppliers.Attackersusetheservicesupplier’s

vulnerabilitiestoaccessordisruptthemanufacturingorganization.Attacktechniquesinclude:malwareinfection,socialengineering,brute-forceattack,exploitationofsoftwarevulnerabilityorconfigurationvulnerability,physicalattackandcounterfeiting.

4

Insiderthreatattack

Leveragesaninsiderpersonnel’sauthorizedaccessorunderstandingofanorganizationtoharmthatorganization.Thisharmcanincludemalicious,complacentorunintentionalactsthatnegativelyaffecttheintegrity,confidentialityandavailabilityoftheorganization,itsdata,personnelorfacilities.

Denialofservice(DoS)ordistributeddenialofservice(DDoS)

Accomplishedbyfloodingthetargetedhostornetworkwithtrafficuntilthetargetcannotrespondorsimplycrashes,preventsaccessforlegitimateusers.Thispreventslegitimateusersfromaccessinginformationsystems,devices,insiderpersonnelorothernetworkresources.

>

5

Source:CyberresilienceinManufacturingSurvey;ENISAThreatLandscape2023;11NIST12

BuildingaCultureofCyberResilienceinManufacturing8

1.3Theglobalimpactofcyberattacks

attackonalargesemiconductorindustrysupplierresultedinanestimatedcostof$250millioninthenextquarter.16Similarly,in2022,aprominentcarmanufacturerwasforcedtosuspendproductionat14plantsforaday,leadingtoanestimatedoutputlossof13,000cars,duetoacyberattackagainstacomponentssupplier.17

TheCyberResilienceinManufacturingsurvey

(pleaseseetheMethodology)identifiesbusiness

disruptionastheprimaryimpactofcyber

incidents,with60%ofrespondentshighlightingitssignificance.ThesefindingsalignwiththeGlobal

CybersecurityOutlook2024,where45%ofleadersexpressedoperationaldisruptionastheirgreatest

concernintheeventofacyberincident.Safety

concernsrankedsecond,with35%ofrespondents,followedbypotentialdamagetocustomerassets.Theseinsightsemphasizetheprofoundand

far-reachingimpactofcyberattackswithinthe

manufacturingsectorandtheurgentneedforrobustcybersecuritymeasurestosafeguarditsintegrity.

Withproductionfacilitiesspanningtheglobe,eachinterconnectedentityactsasbothaproducerandaconsumer,creatingacomplexnetworkvulnerabletocyberthreats.Consequently,acyberattackon

onecompanycantriggerrippleeffectsacrossthe

entireecosystem,leadingtocostlyconsequences.13

Theresultingrisksaresystemic,contagiousand

oftenbeyondtheunderstandingorcontrolofanysingleentity.AccordingtotheGlobalCybersecurityOutlook2024,54%oforganizationslackadequatevisibilityintothevulnerabilitiesoftheirsupplychain.Additionally,41%oforganizationsthatsufferedamaterialimpactfromacyberattackreportedthat

thebreachoriginatedfromathirdparty.14

Recentcyberincidentsfurtherhighlightthe

immensefinancialandoperationaltollofsuch

attacks.Forinstance,inFebruary2024,aGermanbatterymanufacturerexperiencedasignificant

cyberattack,resultinginproductionhaltsatfive

plantsforovertwoweeks.15In2023,aransomware

FIGURE4Theimpactofcyberattacksworldwide

Thecostofcybercrimehasincreased125%peryearonaverage,withtheimpactofasuccessfulcyberattackreaching$4.73millionperattackinindustrialsettings.Ifthisgrowthcontinues,theprojectedglobalimpact

135

124

120

105

104

$528

$527

$521

67

$410

couldreach$10.5trillionby2025

125%

Annualincreaseinglobalcostofcyberattacks

$4.73million

Averagecostofadata

breachwithprojectionsitcouldreach$10.5trillionby2025

$374

41

$156

$268

35

$122.5

12-15%

Ofcyberattacksrelate

tobusinesspartners

andsoftwaresupplychains

20152016201720182019202020212022202320242025

.Numberofsigni?cantcyberattacks

Averageglobalcostofsigni?cantcyberattacksperyear($million)

Source:McKinsey&CO,IBM2023CostofaDataBreachReport,WorldEconomicForumanalysis.

BuildingaCultureofCyberResilienceinManufacturing9

Towardsacyber

resilientmanufacturingsector:Uncoveringthechallenges

Organizationalchallengesrankasthetopdimensioninhibitingtheadoptionofacyberresilientculture.

Themanufacturingsectoroperateswithina

complexecosystemcharacterizedbydiverse

sites,extensivesupplychainsandinterconnectednetworks,whichrelyonnumeroussuppliers,

vendorsandpartners.Whilethesectorreapsthe

benefitsofdigitalizationandemergingtechnologies,italsograppleswithchallengesacrossfive

dimensions,eachpresentinguniquehurdlesonthepathtocyberresilience.

FIGURE5

Fivekeydimensionsofchallengesinmanufacturing

Organizational

Alignmentacrossorganizational

structure

Operational

Integrationwithoperational

work?ows

Regulatory

Compliancewithglobalregulatoryrequirements

Technical

Capacityfor

technical

implementation

Strategic

Positioningamongbusinesspriorities

2.1

Divergentculturesandresources

Divergentorganizationalculturebetweenenterpriseandindustrialenvironmentspresentsthemost

significantobstacletocybersecurityefforts,

accordingtotheCyberResilienceinManufacturingsurvey(pleaserefertoMethodology).

–Distinctpriorities.ITandOTteamstraditionallyworkatdifferentendsofthetechnologystackanddataflow.Theytendtoapproach,prioritizeandgoverncybersecuritydifferently.Lackof

collaborationonaformalIT/OTconvergencestrategyhinderssecuredigitalizationof

industrialenvironments.

–Fragmentedcybersecuritygovernance.

Manyorganizationslackacomprehensive

cybersecuritygovernanceframework,leading

todecentralizeddecision-makingatthe

manufacturingsitelevelandhenceincreased

risk.Effectivecybersecuritygovernance

requiresawareness,trainingandincentives

acrossalloperationalsites,makingsurethey

allintegratecybersecurityintodailyhygiene

routines,similartoalreadyexistingpracticesforemployeesafety,productqualityandequipmentmaintenanceandintegration.

2

BuildingaCultureofCyberResilienceinManufacturing10

–Distributionofresponsibilities.Withthe

increasedpressureonbusinesstocutcost

andincreaseprofitability,manyorganizations

tendtohavepeoplewearingmultiplehatsand

performingvarioustasks,ignoringtheimportanceofsegregationofdutyandtheassociatedrisks.Forexample,databaseadministratorsmayserveassystemadministrators,enablingthemtohaveoverarchingrightstodeletelogsandcoverup

instancesoffraud.

–Talentshortage.Theglobalcybersecurity

talentshortage,reachingnearly4million,is

furtherexacerbatedinthemanufacturingsector,wheretheshortagesurpasses67%.18Findingandretainingtalentwithexpertiseinboth

cybersecurityandmanufacturingoperationscanbedifficult,makingthecyberresiliencejourneyharder.

2.2

Increasedconnectivityandlegacysystems

Technicalchallengeshavebeenrecognizedas

thesecondlargesthurdletocyberresilience.

Theconvergenceofoutdatedlegacysystems

withtheproliferationofconnectedassetswithinindustrialcontrolsystemshasengenderedan

environmentinadequatelypreparedtowithstandthesophisticatedtacticsandcapabilitieswieldedbycybercriminals.

–Legacysystems.LegacyOTandindustrial

controlsystemsintroducesignificant

vulnerabilitiesduetooutdateddesignsand

limitedaccessmanagement.Despitetheirage,thesesystemsremainintegraltomanufacturingoperations,functioningastheywereoriginallyintended.However,thechallengeliesintheir

inabilitytoadapttomoderncybersecurity

standardsandtotheevolvingthreatlandscape.Compoundingthisissueisthereluctanceto

replacethesesystemsduetothehighcosts

involved,aswellastheirinterconnectednature.Consequently,financialresourcesareoften

redirectedtomoreimmediateoperational

needs,leavinglegacysystemsvulnerable.Withnearly71%ofthesesystemslackingproper

supportandrobustaccessmanagement

procedures,therisksassociatedwithlegacyinfrastructureareescalatingrapidly,doublingyearbyyear.19

–Emergingtechnologiespresentadouble-edgedsword,bringingbothopportunities

andchallengestocybersecurity.Investments

incutting-edgetechnologiesintroduce

complexityandnewrisks,requiringaholisticandcomprehensiveupdateofcybersecuritystrategies.Forinstance,theproliferationof

highlyconnectedindustrialinternetofthings(IIoT)devicesandthewidespreadadoptionofartificialintelligence(AI)aimtoimproveservicedeliveryandproductivity.However,theyalsocreatenewpointsofentryandexpandthe

attacksurfaceformaliciousactors,requiringproactiveadjustmentsofcybereducation,riskassessmentandvalidationprotocols.

–Softwarereliance.Mostmanufacturing

processes,operationsandkeyapplicationsarebasedonsoftwareapplications.Infact,softwareplaysacrucialroleinoptimizing

processes,increasingefficiencyand

ensuringproductqualityforkeyareassuch

asprocurement,invoicingandsupplychain

automation.Theseprocessesarecrucialand

theirhyperconnectivityandinteroperability

complicatesthetaskformanufacturersandtheirsupplierstoensureagoodsecurityposture.20

Whilemanagingthelargesoftwareenvironmentanditsconnectivityiscumbersome,thefact

thatanaverageof77%-90%21ofanygiven

pieceofmodernsoftwareisopen-source

softwaremakesitevenhardertocontroland

attestforitssecurity.TherecentexampleoftheXZbackdoorhighlightsthisproblem,giventhatthebackdoorwasintroducedin2021andonlydiscoveredin2024.22

BuildingaCultureofCyberResilienceinManufacturing11

2.3

Operationalsensitivitytodowntimeand

extendedecosystemdependencies

Operationalchallengeshindermanufacturing

resilience,rankingthirdamongthechallengesinthesurvey,giventhedigitalizationandautomationofmanufacturingoperationsandtheiroften-

continuousthroughputrequirement.

–Downtimesensitivity.Limiteddowntime

tolerancemakesmanufacturingcompaniesprimetargetsforransomwareattacks,constraining

regularsystemupdatesandpatches.

–Ecosystemrisks.Asmanufacturing

facilitiesembraceinterconnecteddata-drivenprocesses,relianceoncloudservicesand

remotemaintenanceoperations,thescopeofriskextendsbeyondtraditionalsupply

chainstoencompassabroaderecosystem.Thisintricatenetworkofdependencies

challengescybersecuritystrategies,requiringacomprehensivemappingtoaddressbothdirectandindirectrisks.

–Paceofdigitalization:Rapiddigitalization

drivestheneedfornewexpertiseinboth

internal(e.g.industrialization)andexternal(e.g.roboticsandAI)domainstomanageevolvingriskprofileseffectively.

Strategicalignmentwithbusinesspriorities

2.4

Strategicchallengesarisefromthedynamic

tensionsbetweeneconomicfactors,marketforcesandgeopoliticaltensions.

–Integratingcybersecuritystrategyinto

businessprioritiesremainsapersistent

challengeformostorganizations,astheyoftenprioritizeshort-termbusinessobjectivesoverinvestinginlong-termresiliencemeasures.

–Continuouslyshiftingmarketdynamics

furthercomplicatestrategicdecision-makingandhindercybersecurityinvestmentsand

prioritization,asorganizationsgrapplewiththeneedtoadaptquicklytonewmarketdemandsorcompetitivethreats.

–Increasinggeopoliticaltensionsimpact

manufacturingorganizationsbothdigitallyandphysically.Decentralizedoperationsand

relianceonglobalITandOTsuppliersamplifythesechallenges,requiringrobustcyber

resiliencestrategies.

Widespreadandcomplexregulatorylandscape

2.5

Manufacturingorganizationsmustadhereto

variousregulationsandindustrystandardsrelatedtohumanandproductsafety,dataprotection

andcybersecurity.Thedecentralizedoperationalenvironmentandfragmentedanddiverse

local,regionalandindustry-specificregulatorylandscapesaddanotherlayerofcomplexitytocybersecurityefforts.

–Widespreadregulationsposeasignificantchallengeforthemanufacturingsector.For

example,intheEuropeanUnion,anew

legislativeproposal,theCyberResilienceAct,isbeingdiscussedtointroducemandatory

cybersecurityrequirementsforhardwareandsoftwareproductsthroughouttheirlifecycle.Additionally,legislationssuchastheupdatedNetworkandInformationSecurity(NIS2)andCriticalEntitiesResilience(CER)directives

classifycertainmanufacturingindustries

as“essentialentities,”mandatingthemto

managetheirsecurityrisksandpreventor

minimizetheimpactofincidentsonrecipientsoftheirservices.Duetothelargevarietyof

requirements,organizationshavetoadapttheiroperationsandproductstolocalandregionalrequirements.Atthesametime,thedifferent

incidentreportingrequirementsandtimelineschallengeorganizationsontheirresponse

mechanismsandreactiontime.

–Legislativedevelopments:IntheUnited

States(US),federalregulationstargetspecificsectorslikewater,transportationandpipelinesandanationalcybersecuritystrategywas

releasedinMarch2023.TheUSCybersecurity&InfrastructureSecurityAgency’sCross-

SectorCybersecurityPerformanceGoals

BuildingaCultureofCyberResilienceinManufacturing12

outlinecybersecuritypracticesthatallcriticalinfrastructureentities,largeorsmall,shouldvoluntarilyimplementtoreducerisksto

bothcriticalinfrastructureoperationsand

UScitizens.23Thecountry’sSecuritiesand

ExchangeCommissionhassetanewprecedentbycha

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論