The rise of “smart manufacturing” using what’s known as the “industrial internet of things,” machines that communicate and cooperate with each other via the Internet, is a two-edged sword.

While it offers the promise of greater productivity and efficiency for manufacturers, it also exposes them to hacking and other cyber security threats.

Matter of fact, manufacturing ranks right behind health care and financial services among industries facing the greatest cyber security risk, according to the 2016 IBM X-Force Cyber Security Intelligence Index.

“The whole digital threat you hear about with the internet of things is real,” says David Linger, president and CEO of TechSolve, the Bond Hill-based manufacturing and health care consulting provider.

He offers this scenario: “When you go into a plant the first thing you want to do is get all of equipment with a PLC (programmable logic controller) or onboard computer networked on the internet to pull data on those machines and analyze the data. You add more sensors to get more information to help provide all the great things that the internet of things promises. But once you do that you’re exposing yourself to attack. Those machines can now be hacked,” he says.

He says companies tend to focus on their computer servers and IT infrastructure when they think about cyber security and forget about the computers imbedded in their other equipment.

TechSolve is part of Ohio Manufacturing Extension Partnership (MEP), a statewide network of regional organizations helping manufacturers stay competitive. It’s an initiative of the U. S. Commerce Department’s National Institute of Standards and Technology (NIST).

Linger says TechSolve has been selected to lead the cyber security initiative among the half dozen MEPs in Ohio by assessing the security of its own IT provider and helping other MEPs assess their cyber security.

TechSolve is also one of 10 MEPs nationally chosen to work with NIST on cyber security, specifically helping implement NIST 800-171, standards for defense contractors for information systems and policies.

It is not the big companies such as General Electric Co. and Boeing Co. who are at risk as much as their smaller suppliers, says Linger.

Under 800.171 defense contractors may not be able to do business with smaller vendors or suppliers who are not in compliance, he says.

To help build awareness among small and medium-sized manufacturers, TechSolve has teamed with the School of Information Technology at the University of Cincinnati on a series of half-day cyber security workshops aimed at manufacturers.

“UC has great strength in cyber security and they’re growing that area,” Linger says. “We’re working with their faculty and researchers to look at the unique needs of manufacturers.”

Linger says the free workshops cover a variety of topics including some common pitfalls for companies.

For example, thumb drives. They seem harmless enough.

“People find a thumb drive in the parking lot thinking somebody dropped it,” he says. “The first thing they do is plug into their machine and guess what? That’s where the virus was to infect their system.”

A thumb drive is an easy way to get access to a target’s system. If employees find drives, they should turn them over to their IT professional to do a scan, he says.

Some of the other questions addressed in the workshops include:

- What points of manufacturing operations are most vulnerable to attack?

- Where will industrial cyber-attacks come from, and why?

- Are financial and retail industry cyber-attacks similar to those in the manufacturing?

- How do I know if my company has been attacked?

- What are the tools available to manufacturers to detect a breach?

Right now, Linger says the focus is on education and building awareness but in the future they will focus more on solutions.

Part of the challenge is communicating to small manufacturers in a way that’s meaningful, he says.

“The sky is not falling, but the threat is real. What’s the right balance to communicate this to small companies? It’s not a one-size-fits-all solution.”

For more information on TechSolve’s cyber security workshops go to techsolve.org.


To receive more articles from Cincy Magazine sign-up for a complimentary subscription here: http://bit.ly/1RHuu3g