In the manufacturing industry, the ability to produce and market products depends largely on satisfying the rules of governmental regulatory bodies and industry compliance practices.
In the realm of information security, a number of regulatory stipulations exist which must be balanced with industry-related threats and risk management.
Manufacturing is a diversified industry with a lot of moving parts, including mass production, purchasing, selling, and the information and data management requirement to keep track of it all in the present while simultaneously planning for the future. Most manufacturers are dealing with cyber and communication security, internet security, protecting customer information and managing sensitive information such as trade secrets and credit card or financial data through production and control systems. In order to offer simple platforms to end users and maximize market share, most vendors develop solutions with commercial off the shelf systems. While this approach is far easier than internal development, open technologies in current production systems mean increased risk of an information security breach. It is a well-known fact that software development is not always foolproof.
Furthermore, all businesses, particularly those with a notable online presence, are subject to the potential for being hacked. A company website means the potential for the following security threats:
Businesses must also ensure that security efforts are compliant with the latest industry and government standards. The manufacturing sector is subject to a number of regulations and laws, including:
Both methods of hacking and technology change every day. Protecting all aspects of your business and infrastructure from attack can be accomplished by staying informed of changes and newly surfacing threats in order to make the appropriate modifications to your security and line of defense.
That is the problem faced by a Fortune 1000-ranked $3B global manufacturer of welding products, arc welding equipment, welding consumables, plasma and oxy-fuel cutting equipment and robotic welding systems. Overseas companies were purchasing what they believed to be authentic robotic welding arms from resellers and purchase a service contract from the manufacturer. An increasing number of cases were identified in which a manufacturer services technician was dispatched to the plant floor for a repair only to discover that, while the robotic arm looked like all the other genuine robotic arms on the floor, it was actually a fake. The arm had been reversed-engineered with less expensive, non-supported parts.
Not only was this an issue related to tampering, but also an issue relating to the costs of the manufacturer making service calls to repair lower-quality, fraudulent equipment.
CSS worked with the manufacturer on this project to enable the installation of aigital certificates on each robotic arm during the manufacturing process. This allows the manufacturer to authenticate each arm over the internet before they sent a technician to reduce fraud and costs.