The past 12 months have been especially challenging for the manufacturing industry. The pandemic affected in-person manufacturing jobs as well as supply and demand, causing many manufacturing companies to shut their doors or lay off valuable employees. Recognizing the vulnerable state of manufacturing companies, cybercriminals saw manufacturing as an easy target. In fact, the manufacturing industry saw an 11 percent increase in cyberattacks in 2020.
And even more concerning, our recent State of Software Security v11 (SOSS) report found that, when compared to other industries, the manufacturing industry ranks last for fix-rate and median time to remediate security flaws. That means that the manufacturing industry has security flaws in applications that aren’t getting resolved in a timely manner. And more lingering flaws mean more opportunity for a cyberattack.
That said, it is reassuring to see that the manufacturing industry falls in the middle of the pack for the percentage of applications with flaws and – even better – has the lowest portion of applications with high-severity flaws.

What are some steps that the manufacturing industry can take to improve its fix rate and half-life?
When reviewing the SOSS data, there are several factors contributing to the low fix rate and time to remediation. Some of the factors are simply the “nature” of the applications and can’t necessarily be changed. For example, applications in the manufacturing industry tend to be large and have a high flaw density. But there are several factors that can be “nurtured” to improve fix rate and time to remediation, like scanning via API, scan frequency, and using software composition analysis (SCA) with static analysis (SAST).

Just by scanning applications for flaws more frequently, industries improved their time to remediation by 22 days. By leveraging APIs, industries improved time to remediation by 18 days. It really comes down to adopting and implementing DevSecOps best practices.
And while talking about flaws, it’s important to note that the most common security flaws in the manufacturing industry are information leakage, CRLF injection, and code quality. Credentials management flaws are also surprisingly common, perhaps because manufacturing applications did not previously require authorization.
For more information on software security trends in the manufacturing industry, check out The State of Software Security Industry Snapshot.

By admin