4 minute read
ADVERT PAGE GOLD
compliance in manufacturing are achieved by digitally managing business rules and capturing operations and equipment data. Industry 4.0 requires three basic elements: fast and secure digital connectivity on the shop floor, connected PLCs/automation or equipment involved in production, and a Manufacturing Execution System (MES) collecting data for use by operators, engineers, and leadership to improve production while providing end-toend real-time business insights.
Materion recognises that many of its factories will require significant investment in digital connectivity to begin the transformation process. Its Operations Digital Strategy team includes representatives from all BU Operations Leaders, Information Technology, and Engineering shared services to prioritise and execute this transformation. While the implementation takes time, the benefits are tremendous, and this keeps Materion competitive in the modern digital era.
Advertisement
1931 Year founded
3,700 Number of Employees $1.1Bn Revenue
Finding partners is a question of trust
Roosien is addressing the constant challenge of marshalling resources and ensuring the right skill sets are in place to move projects forward: “That’s always a big challenge. One thing I recommend is ensuring you find suitable partners. There are differences between suppliers, vendors, and trustworthy partners.
“We have challenges balancing operational needs with engineering and projects, and having that level of flexibility to work with my team and still deliver successful programs is really what sets them apart.”
A lot of this kind of industry work was paused for a couple of years during the pandemic, according to Roosien, and organisations are playing catch-up in many ways. “Making sure that you have an excellent prioritisation model is essential. What are the things on the list when something new comes in, what’s the highest priority, what do I focus on and make sure team members know how to prioritise?
“A prioritisation list is not stagnant; it’s going to change, so having the knowledge and ability to prioritise that on their own is even better. Equipping them with that is key.”
Materion has established partnerships along the way to successfully tackle international cyber threats with greater proficiency, including a number of exceptional partners that helps companies with tools like Advanced Threat Detection and Response services that provide 24x7 US Citizen SOCaaS and Managed Detection & Response Platform access. Collaborations with companies that have these kinds of technologies allow Materion, and many other companies, to facilitate joint investigations of various kinds of threats through cloud security resources, threat intelligence, government and defence industrial base threat management.
Using a FedRAMP HIGH Ready provider with a strong compliance background is particularly beneficial because it enables companies like Materion to meet its CMMC and NIST 800-171 requirements, while protecting its sensitive data and critical assets from potential threats. By collaborating with companies that have these kinds of capabilities, it’s given Materion the necessary tools and resources to respond to a range of global threats swiftly and effectively. As such, collaborative IT partnerships for a global company like Materion bolster its cybersecurity stance, enabling it to fulfil compliance objectives and combat any threats more efficiently.
With almost three-quarters of IT leaders reporting at least one ransomware attack in the last year, it’s crucial for businesses to take proactive measures
WRITTEN BY: MARCUS LAW
From phishing attempts to DDoS attacks, organisations today are facing wave after wave of security threats.
But, amid an ongoing economic downturn, staffing shortages and seemingly endless cyberattacks, some businesses are struggling against the rising tide of ransomware.
The 2017 WannaCry outbreak is perhaps one of the best-known, most damaging examples of a ransomware attack. With the ability to self-replicate, this ransomware strain went viral, infecting more than 200,000 systems across 150 countries. The attack impacted organisations across many sectors, bringing business operations to a grinding halt.
Years later, the global threat of ransomware remains at peak levels, with half of the organisations across all sizes, regions and industries telling Fortinet that they fell victim in the last year.
This month, Cyber Magazine speaks with David Higgins, Field Technology Office at CyberArk, about the ways organisations can protect themselves against ransomware attacks as well as his thoughts on how the threat landscape will continue to evolve in future.
Ransomware has devastating consequences for businesses
One of the most serious and costly cyber threats facing businesses today, ransomware is a specific type of malware that extorts victims for financial gain.
Ransomware attacks can have devastating consequences for businesses, such as disrupting operations, damaging reputation, exposing sensitive information, and incurring legal liabilities.
“When it executes, it prevents victims – usually by encryption – from interacting with their files, applications or systems,” explains Higgins. “Further, ransomware can also facilitate access to an organisation’s internal systems, allowing criminals to look for more machines to encrypt, valuable data to extort, backups to disrupt, shadow copies to delete, and files to be unlocked. This maximises the impact of an attack. Some of the more sophisticated ransomware attacks can even leave backdoors or hidden identities that allow attackers a way in for the future.
“Threat actors often target organisations based on their ability to afford large payouts and aim to hold their files and systems hostage until a ransom is paid.
DAVID HIGGINS
TITLE: SENIOR DIRECTOR, FIELD TECHNOLOGY OFFICE
COMPANY: CYBERARK
LOCATION: ENGLAND
David Higgins is Senior Director in the Field Technology Office CyberArk. Since joining CyberArk in 2010, David has worked to help many of the world’s largest, most complex organisations understand and secure access to their critical data and assets.
This is usually in the form of an untraceable cryptocurrency like Bitcoin. In some cases, victims are instructed to pay the perpetrator by a set time or risk losing access forever. In other cases, the perpetrator intermittently raises the ransom demands until the victim pays.”
How ransomware infects systems
As Higgins describes, by distributing ransomware in bulk using common “spray and pray” tactics – such as phishing, social engineering and exploit kits – attackers can target many organisations and infect numerous desktops, laptops and servers with minimal effort.
“Attackers can also, however, go to great lengths to understand a victim’s technology stack so they can identify and exploit vulnerabilities while pinpointing the most valuable data to encrypt and hold for ransom,” he says. “They can be extremely patient, escalating privileges to circumvent security systems and evading detection for months – or longer – before deploying the ransomware payload. During this time, attackers often target data backups (if they exist) so the organisation can’t restore files after they’ve been encrypted.”
Whereas traditional anti-virus solutions use signature patterns to identify and block
