As a result, PMMI has created CyberHealth, to assist you with your cybersecurity needs and keep you up to date on current business practices, key trends, and imminent threats. Check this page often as we will be updating the information and resources on a regular basis.
Get cybersecurity updates straight to your inbox by opting in to receive CyberHealth emails.
.webp)
As more manufacturers embrace the cloud for flexibility, scalability, and smarter production lines, a critical question often gets overlooked: Who’s responsible for keeping cloud environments secure?
Passwords remain a major weak link in cybersecurity. Whether it's reusing the same password across multiple sites or falling for phishing attacks, poor password hygiene continues to fuel data breaches. To combat this, the National Institute of Standards and Technology (NIST) has updated its cybersecurity framework, including new guidance on password security best practices.
As we embark on 2025, manufacturers continue to face an evolving threat landscape. Among the most concerning trends is the rise of AI-powered phishing scams, a phenomenon highlighted in a recent study on AI-driven spear-phishing campaigns. These developments underline the critical importance of staying vigilant in protecting your organizations from emerging cyber threats.
Cybersecurity isn’t just about protecting our human users. Non-human identities like applications, APIs, and system IDs are commonly used for different purposes. Many of these identities are often given privileged access in order to fulfill their purpose. In this regard, adherence to the rule of least privilege can play a critical role in safeguarding industrial systems against evolving threats. Ignoring non-human identities and their level of privileged access can lead to devastating breaches, downtime, or even compromised safety.
Last month, Jeremy Turner (Head of Cyber and Risk) presented to PMMI members at the 2024 Annual Meeting about the current cybersecurity threats PMMI members encounter on a daily basis. Cogility is a cybersecurity company that provides advanced threat intelligence and data-driven security solutions, specializing in continuous monitoring of internet-exposed assets, threat actor infrastructure, and potential cyber risks for commercial and government customers.
Software as a Service (SaaS) platforms have become increasingly prevalent in organizations around the world. These platforms offer manufacturers scalable, efficient, and cost-effective solutions to manage everything from supply chains to operational workflows to customer relationship management, all in the cloud. However, with the growing reliance on SaaS solutions, it is crucial for manufacturers to conduct thorough due diligence when selecting and working with these vendors to safeguard their data and ensure they are safe from threat actors.
In today's interconnected world, the strength of a manufacturer’s cybersecurity is only as robust as its weakest link. As businesses become more integrated and dependent on external vendors and supply chain partners, third-party risk management has become a critical component of a comprehensive cybersecurity strategy.
Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide.
Recent findings reveal a stark reminder of the ever-present cyber threats in the industrial sector. A survey by Palo Alto Networks has shown that out of nearly 2,000 industrial organizations, spanning across 16 countries, a significant 25% experienced operational technology (OT) shutdowns due to cyberattacks within the last year (SecurityWeek) (OODA Loop).
Following our recent blog post about vulnerabilities in Programmable Logic Controllers, the Cybersecurity & Infrastructure Security Agency (CISA) is urging manufacturers to change or even get rid of default passwords altogether on equipment and software they manufacture. The agency went on to say that “studies by CISA show that the use of default credentials, such as passwords, is a top weakness that threat actors exploit to gain access to systems, including those within U.S. critical infrastructure”.
