CIA Requirements for Manufacturing Industry

Disaster, computer crimes, security breaches are the most common terms widely using by the business organizations while discussing or reviewing their security functionalities and possible risks. In order to minimize theses risks accurate risk mitigation measures and risk responses should be implemented by the business organizations. The sector specifically chosen for this essay is manufacturing industry.

A primary research is being conducted to understand as well as realize the difference between general management control and application control used by the manufacturing companies to reduce the risks (Zhang and Gupta 2018). Three potential security issues those are interrupting the regular success and expected outcomes of the manufacturing organizations and the respective risk mitigation approaches needs to be evolved to minimized these risks are all elaborated in this essay. Apart from this, in order to achieve the CIA requirements of the manufacturing industry are also illustrated in this essay.

According to Lee and Lee (2015) one of the most noteworthy advances identified in the computer science development, information and communication technologies are represented by cyber physical security (CPS). Within the latest installment in security profile series as well as compliance risks various industries are facing variant challenges. If consumers goods, broad range company presentation are included and considered for the organizations then different types of security threats will be identified. Based on the product and service types the security threat also varies from each other. The cyber physical system is used for collaborating different computational entities together. The Research and Development (R&D) department of the manufacturing industries are required to be identified at the project initiation phase. Zhong et al. (2016) stated that in order to distribute the products and goods professionally and properly among the consumers and other user’s proper supply chain management mechanism is required to be incorporated.

The manufacturing industry should also focus on the materials they are expecting from the suppliers (Dofe et al. 2017).  The contracted vendors and suppliers should supply quality raw materials to fulfill the manufacturing needs and requirements. Professional project management system will affect the manufacturing companies is various ways that include input availability required for processing the production, cost and manufactured item profitability. This will help to create a professional relational between the suppliers and consumers (Monostori et al. 2016). The industrial managers and entrepreneurs must follow strategic viewpoints of the users and product and service developers. On the other hand, Inter of Things (IoT) is recognized as a very crucial area of future technologies and it is also obtaining vast attention from different range of industries. The IoT technologies that are essential for IoT based product and service development in the manufacturing industry must undertaken all enterprise application. According to Beninger (2017) it will help to improve the values of the consumers.

Challenges Faced and Mitigation Measures

Use of technologies are increasing day by day however, if accurate physical security measures are not adopted by the manufacturing industry then it will cause major threats to the organizational owners. Moreover, it can be said that each of the technologies utilized in the manufacturing industry must have proper protection and security measures. The manufacturing industry offers either services or products to their consumers. Reliable inputs and distribution cost are the main concern or focus for the owners of the manufacturing industries. The knowledge management area that come under the focus of any manufacturing industry is supply chain because whatever service and product the company offers should be shipped or delivered to the consumers within expected time and budget. A poor supply chain management system can bring the entire production of the manufacturing industry to a halt.

According to Urciuoli and Hintsa 2017) if the industry fails to adopt proper security measures in terms of cryptography, firewall and DMZ then the entire industry will face massive operational and functional errors.  In order to deliver services and products these days all the manufacturing industries use online services. In case of online services and operation the consumers have to input their financial and personal information. This information stored in the server must not be retrieved or accessed by any of the users. It is essential for the developers to implement proper security measures so that only authorized users get opportunity to access information from the server (Lopez et al. 2017). The manufacturer could be forced for procuring materials from all alternative resources much quickly that possibly results high price of the products along with lower profitability rate. If all the data are not professionally protected then any user would come and access information and misuse those easily. Technical advancement is the best possible way can be used to protect the information from the unwanted attackers. The infrastructure of the company is also required to be secured.

The industrial and manufacturing companies mostly do not consider themselves as a profitable target for cyber security as a result they do not focus on the security mechanisms. Three different security risks facing by the manufacturing companies are as follows:

Usage of older technologies: According to Soomro, Shah and Ahmed (2016) most of the manufacturing industries these days use older technologies which causes outdated manufacturing base and gives high competition to the other industries. Old technology makes the usable system much susceptible to be attacked. The others may be designed initially for the internet connectivity. Opara-Martins et al. (2015) stated that it is the responsibility of the security providers and marketing manager of the manufacturing industries to improve the security concerns. The others may not have been designed to assist the internet connectivity. According to Zhang and Gupta (2018) the unsupported version of Microsoft operation system will also restrict the system run. Apart from this, sometimes it is also found that people who have implemented the operational and functional activities in the manufacturing industry are not present. That time if any sort of error is determined then major challenges will occur in the operational activities (Susanto and Almunawar 2016). The main reasons for which globally the rate of ransonware attack is increasing are use of older Windows version.

Usage of Older Technologies

Inappropriate industrial system: The other threat that interrupts the business effectiveness and operational efficiency of the manufacturing industries is inappropriate usage of industrial system (Frost and Hamlin 2017). As the manufacturing industry is completely relied upon industrial control system therefore, if proper security measures are not considered then the entire industry success will be corrupted (Yang and Fung 2016). It is responsibility of the senior security engineer or senior specialist to develop the security solution in such way so that it can resolve the industrial challenges. Mostly these manufacturing systems are connected to ICS network therefore security foe those networks are also required. The associate system actors also create massive threat to the business organization. In order to mitigate the operational and functional risks proper security measures are to be possessed by the manufacturing industry. In fact if proper industry system is not adopted then the third parties and internal users will get a chance to easily access in credentials and other information as well.

Information access: The other severe challenge that interrupts the output and security measures of the manufacturing industry are access to all information (Urciuoli and Hintsa 2017). The users should not have irregular access to the confidential information set. No presence of technical and managerial mechanism will lead the success of manufacturing industry towards failure. Certain free resources are readily available in the market those are widely used by the manufacturing industries to keep the consumers and users engaged to their services (Opara-Martins, Sahandi and Tian 2015). As the numbers of users and consumers are increasing day by day therefore, managing them all has become a major risk. The security managers are to investigate on cyber security providers to adopt the most suitable security measure in their manufacturing industry. For the manufacturing industry other risks those can be evolved in future are application of IOT and investment on the IOT applications.

Information access risk: The risk that has been addressed for this essay is information access. It is mandatory for the manufacturing company head to implement proper security measures to keep the confidential information secured from the external and unauthorized users. This threat can again be subdivided into two phases such as internal threat and external threat (Susanto and Almunawar 2016). Internal threat are generated due to individual activities those have legitimate access like employees, contractors, some associate sponsors etc. Identification of these internal intruders is very difficult from the industrial perspectives. These types of users can easily access informant and use them to fulfill some unethical purposes. In order to resolve the risks with information access the protection mechanism those are to be implemented include the below:

Inappropriate Industrial System

Implementation of encryption technology: Use of encryption technology is referred to as one of the most appreciated approach that helps to protect the information stored in the server. It converts the plain text into cipher text and only authorized users have the authentication to decrypt these data with the help of encryption key (Mills et al. 2016). This mechanism verifies the message origin and proofs that the content of the message are all as it is and not been changed. In this process the sender can never deny while sending the messages.

Use of strong password and firewall: Application firewall is a kind of control input that helps to operate through potentially monitoring and blocking the system inputs, outputs and other services. The application firewall helps to limit the access in the operating system (Zhang and Gupta 2018). A conventional firewall can control the data flow which implies that none of the unwanted users will be able to access information from the server.

The general management control approach is used every day by the manufacturing industry managers and working employees to successfully complete the identified industrial objectives of the business organizations (Beninger 2017). The general management control is the operational methods enables work for proceeding as expected previously. Mainly, the general management control discourages the possible risks and all assumed irregularities.

In order to protect the functionalities against identified manufacturing industry threats the industry should consider the general and application management control.

For instance, most of the manufacturing industries use both the general access control and application control to protect their IT environment from the unwanted users (Shukla et al. 2017). The access management control is referred to as a process helps to integrate the functionalities and operations related to user database auditing and enforcement are all managed with the help of he application management control approach. On the other hand, the industry should also use this tool followed by proper policies and regulations.

The resources those can be misused in coming future include illegal site visit, implementation of certain unauthorized changes, and spread of scam, spam or malicious codes. Installations of illegal software into the system used in the manufacturing industry can again implement massive issues and challenges for the operational manager. Installation of a weaker password is another challenge that interrupts expected success line and outcomes of the manufacturing industry (Dautov et al. 2017). Apart from this, the manufacturing industry requires to follow the payment card industry level data security standards to encrypt the data of the consumer’s payment cards. In order to achieve the Central Intelligence Agency (CIA) standards the committee members should use end to end encryption to intercept the communication channel between the intruders and users. The resources those can be misused in coming future include illegal site visit, implementation of certain unauthorized changes, and spread of scam, spam or malicious codes. Installations of illegal software into the system used in the manufacturing industry can again implement massive issues and challenges for the operational manager. Installation of a weaker password is another challenge that interrupts expected success line and outcomes of the manufacturing industry

Information Access

References 

Beninger, P., 2017. Opportunities for Collaboration at the Interface of Pharmacovigilance and Manufacturing. Clinical therapeutics, 39(4), pp.702-712.

Dautov, A.L., Puryaev, A.S. and Sotnikov, M.I., 2017. THE STUDY OF THE ACCESS MONITORING AND CONTROL SYSTEM APPLICATION IN ENTERPRISES. JOURNAL OF FUNDAMENTAL AND APPLIED SCIENCES, 9, pp.1820-1829.

Dofe, J., Gu, P., Stow, D., Yu, Q., Kursun, E. and Xie, Y., 2017, May. Security threats and countermeasures in three-dimensional integrated circuits. In Proceedings of the on Great Lakes Symposium on VLSI 2017 (pp. 321-326). ACM.

Falkenthal, M., Breitenbücher, U., Christ, M., Endres, C., Kempa-Liehr, A.W., Leymann, F. and Zimmermann, M., 2016. Towards function and data shipping in manufacturing environments: how cloud technologies leverage the 4th industrial revolution. Proceedings of the 10th Advanced Summer School on Service Oriented Computing, pp.16-25.

Frost, J. and Hamlin, A., 2017. INTERNET SECURITY AND PRIVACY THREATS, AS PERCEIVED BY AMERICAN AND INTERNATIONAL BUSINESS STUDENTS. Global Journal of Business Disciplines, 1(1), p.36.

Lee, I. and Lee, K., 2015. The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Business Horizons, 58(4), pp.431-440.

Lopez, A.B., Vatanparvar, K., Nath, A.P.D., Yang, S., Bhunia, S. and Al Faruque, M.A., 2017. A security perspective on battery systems of the Internet of Things. Journal of Hardware and Systems Security, 1(2), pp.188-199.

Mills, A.J., Watson, R.T., Pitt, L. and Kietzmann, J., 2016. Wearing safe: Physical and informational security in the age of the wearable device. Business Horizons, 59(6), pp.615-622.

Monostori, L., Kádár, B., Bauernhansl, T., Kondoh, S., Kumara, S., Reinhart, G., Sauer, O., Schuh, G., Sihn, W. and Ueda, K., 2016. Cyber-physical systems in manufacturing. CIRP Annals, 65(2), pp.621-641.

Opara-Martins, J., Sahandi, R. and Tian, F., 2015, November. A business analysis of cloud computing: Data security and contract lock-in issues. In 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC) (pp. 665-670). IEEE.

Pogliani, M., Quarta, D., Polino, M., Vittone, M., Maggi, F. and Zanero, S., 2019. Security of controlled manufacturing systems in the connected factory: the case of industrial robots. Journal of Computer Virology and Hacking Techniques, pp.1-15.

Shukla, S., Shroff, P., Nair, V. and Kuruvilla, R., 2016. Access Management and Control using NFC. International Journal of Science and Research (IJSR), 5(3), pp.564-566.

Soomro, Z.A., Shah, M.H. and Ahmed, J., 2016. Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), pp.215-225.

Susanto, H. and Almunawar, M.N., 2016. Security and privacy issues in cloud-based e-government. In Cloud Computing Technologies for Connected Government (pp. 292-321). IGI Global.

Thoben, K.D., Wiesner, S. and Wuest, T., 2017. “Industrie 4.0” and smart manufacturing-a review of research issues and application examples. International Journal of Automation Technology, 11(1), pp.4-16.

Urciuoli, L. and Hintsa, J., 2017. Adapting supply chain management strategies to security–an analysis of existing gaps and recommendations for improvement. International Journal of Logistics Research and Applications, 20(3), pp.276-295.

Yang, W. and Fung, C., 2016, June. A survey on security in network functions virtualization. In 2016 IEEE NetSoft Conference and Workshops (NetSoft) (pp. 15-19). IEEE.

Zhang, Z. and Gupta, B.B., 2018. Social media security and trustworthiness: overview and new direction. Future Generation Computer Systems, 86, pp.914-925.

Zhong, R.Y., Newman, S.T., Huang, G.Q. and Lan, S., 2016. Big Data for supply chain management in the service and manufacturing sectors: Challenges, opportunities, and future perspectives. Computers & Industrial Engineering, 101, pp.572-591.