Managing Safety and Cybersecurity in the Manufacturing Industry

Managing Safety and Cybersecurity in the Manufacturing Industry

Like many other industries, the manufacturing industry has been severely affected by labor shortages. In April 2022, the activity of American factories was at its slowest pace in more than 18 months. As a result, many factories are looking for more agility than artificial intelligence and other automated processes to better manage disruptions and uncertainty. With these upgrades there is the threat of potential health and safety hazards and cyber threats.

Occupational Health and Safety Administration

Increasing automation may reduce some hazards and increase efficiency, but technological advances that use hazardous energy computer controls may also conflict with the existing Occupational Health and Safety Administration (OSHA) standard. ) for hazardous energy control (blocking / labeling) (LOTO). ). The use of robotics can also introduce other hazards into the work environment. In 2019, OSHA issued a request for information (RFI) on hazardous energy control (blocking / labeling) and the general use of robotics for more information from stakeholders on the increase in the efficiency and potential dangers associated with robotics (84 Fed. Reg.. 22756). OSHA’s RFI demonstrates the recognition that robotic modernization can create new dangers that are not easily addressed through its current LOTO standard. OSHA’s notice of the proposed regulation to amend the LOTO standard is scheduled for September 2022, but could take years to complete. While manufacturers await updated guidance, automated equipment service and maintenance must be performed in accordance with OSHA’s existing LOTO standard until upgraded.

It is important that manufacturers continue to evaluate the interaction between equipment and employees and stay informed about specific federal and state safety regulations, working with advisors on current health and safety regulations.

Cyber ​​security

In addition to security issues, modernization leads to an increase in vulnerability to cyberattacks. According to the Identity Theft Center report for the first quarter of 2022, manufacturing was one of the top three cyberattack-oriented industries. As manufacturers adopt modern technologies, this change opens these organizations to ransomware and data theft vulnerabilities in a way that was simply not available in the analog days. Part of this problem is likely because organizations prioritize innovations over the cybersecurity needed to protect new technology. According to Cybersecurity Ventures, fishing attempts increased by 200 percent in 2020, the amount retained for the bailout increased from $ 5,000 in 2018 to $ 200,000 in 2020, and experts estimated that there was an attempt to ransomware attack every 11 seconds in 2021. has warned organizations to be on high alert for a possible cyberattack as the war in Ukraine heats up. As recently as March 2022, the Texas Tribune reported that Russian hackers had been investigating Texas’ energy infrastructure.

Manufacturers can prepare against cyber threats. Manufacturers need to ensure that they continually invest in cybersecurity strategies to suit their needs, including partnering with consultants to develop strategies to address the interaction of business needs, data protection, and legal risks. . As an initial step, organizations can develop and implement an incident response plan before a breach occurs. The steps include the following:

  • Identify the internal response team (for example, leadership, IT, internal counseling and human resources). These are the people in the company who will direct the response to any data incident. They will make quick, informed, and prudent decisions that are likely to be critical to the success of the response process and possibly to the future of the business.

  • Identify the external response team (for example, external legal advisor, forensic investigators, notification vendors and public relations). Having external team members identified in advance and negotiating / agreeing on any applicable contract can be vital to the success of any preparation plan. When a breach occurs, valuable time may be wasted trying to identify, evaluate, negotiate, and engage with the third-party service providers needed for the response.

  • Anticipate critical business continuity and job security issues that could be jeopardized by a compromise with information and control systems. To the extent possible, contingency plans should be established to allow for continued operations while investigating the incident and mitigating the damage.

  • Check with insurance brokers or cybersecurity operators to confirm applicable coverage or to discuss coverage options for cyberattacks. If there is coverage, notifying the insurance company should be one of the first steps the organization takes in response to an incident.

  • Clarify the roles and responsibilities of team members at key points in the response process: incident discovery, investigation, coordination with law enforcement, correction, notification, third party consultations, compliance, and reassessment. This should include a well-defined decision-making process to facilitate good choices and avoid delays.

  • Practice, practice, practice. Members added to the response team may not have first-hand experience to help coordinate the investigation or response to a data incident. Unfortunately, even a well-written plan does not give the people in charge of implementing the plan the power to execute it. Once the organization has created its plan, it should bring together members of the internal and external breach response team to simulate an incident to help members gain valuable experience navigating research, mitigation, and global response process as well as working together. Like a fire drill, practicing this process will help ensure that any data incident is addressed in an efficient and orderly manner.

It is also important for organizations to be aware of the risk of cyberattacks and cybersecurity risks. This may include the following:

  • Instruct employees what to do immediately if they believe an attack has occurred (for example, who to notify (usually computer) and how to disconnect from the network). This may include coordination with the organization’s workplace security team to ensure, for example, that compromised systems and equipment do not cause physical harm to people or property damage.

Preparation can make the difference in the success of an organization’s ability to handle a cyberattack. An incident prevention and response plan is only as strong as employee awareness. Employees need to understand the risks involved in maintaining complex data-driven systems and equipment and the basic steps they can take to prevent or mitigate a cyberattack and, if necessary, respond to them.

Jackson Lewis PC © 2022National Law Review, Volume XII, Number 131

Source link

Related post

NIT Srinagar’s Torus club organises model quiz

NIT Srinagar’s Torus club organises model quiz

Torus club of NIT Srinagar is organizing a modeling competition Posted on Friday, January 7, 2022 Srinagar, January 06: Torus-design thinking…
ADA Highlights the Best Ruby on Rails Development Companies

ADA Highlights the Best Ruby on Rails Development Companies

Chained by competition rather than obsolescence, Ruby on Rails remains preferred by many web development companies” – ADA Reports! UNITED STATES,… rises as Oppenheimer upgrades, citing activist involvement as ‘positive catalyst’ rises as Oppenheimer upgrades, citing activist involvement as…

wavemovies (NASDAQ:WIX) shares rose Thursday as investment firm Oppenheimer upgraded the web development company, noting that the stake from activist…

Leave a Reply

Your email address will not be published.