Blog

Cybersecurity Insights: Protecting Small and Medium-Sized Businesses

Securing the Manufacturing Sector: Why Cybersecurity Is Non-Negotiable

8/19/2024

The manufacturing sector, often seen as the backbone of global industry, has increasingly become a prime target for cyber threats. As these threats grow both in frequency and sophistication, the financial and operational damage they cause to manufacturers can be devastating. In fact, over 30% of all cyber extortion attacks in 2023 targeted the manufacturing industry, highlighting the critical need for enhanced cybersecurity measures. The recent attack on Clorox, costing the company over $300 million, is a stark reminder of the potential consequences of a successful cyberattack.

At Marigold Security, we recognize the unique challenges that manufacturers face in safeguarding their critical infrastructure. Understanding the key sources of risk is the first step toward implementing effective security solutions. Below, we outline four major vectors of cybersecurity risk in the manufacturing sector and how they can be mitigated.

1. Human Error and Insider Threats
Human error and insider threats remain significant cybersecurity challenges for manufacturers. Employees may inadvertently introduce risks through phishing attacks or by mishandling sensitive information. Moreover, malicious insiders can intentionally compromise systems, leading to substantial damage.

For example, the Clorox cyberattack, which began with a social engineering scheme, allowed attackers to gain access to legitimate user credentials, causing significant production disruptions and financial losses. Implementing a Zero Trust access solution can mitigate these risks by enforcing identity-driven access control and continuous verification. This ensures that access to critical assets is strictly controlled, automatically revoked upon employee termination, and continuously monitored for suspicious activities.

2. Vulnerable Legacy Remote Access Systems and "Backdoor VPNs"
Many manufacturers rely on legacy systems that may not be regularly updated, making them vulnerable to cyberattacks. In 2024 alone, numerous vulnerabilities were exposed in legacy VPNs such as Ivanti and Cisco ASA. These outdated systems often serve as easy targets for cybercriminals, especially when manufacturers allow remote connectivity or "backdoor VPN" access for technology providers to monitor and maintain production line equipment.

By enhancing security with Zero Trust access controls and granular credential management, manufacturers can better protect their systems. Implementing multi-factor authentication, role-based access controls, and microsegmentation can prevent vulnerabilities in outdated systems from compromising the entire manufacturing environment.

3. Third-Party Contractor Access and Unmanaged Devices
Manufacturers frequently rely on service providers and contractors who may bring their own devices into the manufacturing environment. These unmanaged devices, often running specialized software, can introduce significant risks if not subject to the same security policies as in-house devices. Infected laptops, for example, have been the source of severe ransomware attacks that bypass existing security controls.

To address this risk, manufacturers should consider deploying Remote Privileged Access Management (RPAM) and Zero Trust microsegmentation. RPAM restricts third-party access to only the necessary devices and enforces granular policies on what actions third parties can perform. Meanwhile, microsegmentation prevents malware from propagating within the manufacturing plant and jumping from the IT environment to the operational technology (OT) environment.

4. Supply Chain Vulnerabilities
Manufacturers are part of extensive supply chains, often sharing data with numerous suppliers and partners. A cyberattack on any part of this chain can compromise the entire network, as seen in Toyota's 2022 production shutdown caused by an attack on one of its suppliers. This event underscored the ripple effects that a breach in the supply chain can have on manufacturing operations.

Implementing the principle of least privilege and more stringent access controls can secure connectivity between manufacturers and their suppliers, preventing malware from spreading throughout the supply chain.

The Imperative of Zero Trust in Manufacturing
As cyber threats continue to escalate, manufacturers must prioritize robust cybersecurity measures. At Marigold Security, we advocate for the adoption of Zero Trust cybersecurity frameworks tailored to the specific needs of manufacturers. By focusing on access control, real-time monitoring, and comprehensive security solutions, we help manufacturers strengthen their defenses against the diverse range of cyber risks they face today.

In today's environment, cybersecurity is not just an IT issue—it's a critical component of operational resilience and business continuity. Protect your manufacturing business with the expertise and tailored solutions offered by Marigold Security. Your future depends on it.

Why Cybersecurity is Non-Negotiable for Small and Medium-Sized Businesses

8/13/2023

In today's digital age, cybersecurity is not just a concern for large corporations and government agencies; it's a critical issue for businesses of all sizes. Small and medium-sized businesses (SMBs) are increasingly becoming targets for cybercriminals who perceive them as easy prey. At Marigold Security, we believe that every business, regardless of its size, must prioritize cybersecurity to protect its assets, reputation, and customers. Here’s why cybersecurity should be at the top of your agenda.

1. SMBs Are Prime Targets

Cybercriminals often view SMBs as low-hanging fruit, because they tend to have less sophisticated security measures than larger enterprises. According to recent studies, nearly half of all cyberattacks target small businesses, and this number is only expected to rise. Many SMBs mistakenly believe they are too small to be noticed by cybercriminals, but the reality is that hackers see them as easy targets.

2. The Financial Impact Can Be Devastating

A successful cyberattack can have a catastrophic impact on a small business. The costs associated with a data breach—ranging from regulatory fines to legal fees, and from lost business to reputational damage—can be overwhelming. In fact, 60% of small businesses go out of business within six months of a cyberattack. Investing in cybersecurity isn't just about protecting data; it's about ensuring the longevity and survival of your business.

3. Data Privacy Laws Are Becoming Stricter

Governments around the world are introducing stricter data privacy laws that apply to businesses of all sizes. Whether it's the General Data Protection Regulation (GDPR) in Europe or the California Consumer Privacy Act (CCPA) in the United States, failing to comply with these regulations can result in hefty fines and legal consequences. For SMBs, staying compliant means implementing robust cybersecurity measures to protect customer data.

4. The Rise of Remote Work Increases Vulnerabilities

The COVID-19 pandemic has accelerated the adoption of remote work, but it has also expanded the attack surface for cybercriminals. Home networks and personal devices are often less secure than corporate environments, making remote workers easy targets. SMBs must ensure that their employees are equipped with secure tools and practices to protect sensitive business information, no matter where they work.

5. Cybersecurity Is an Investment, Not an Expense

Many small businesses view cybersecurity as an additional expense that they can’t afford. However, at Marigold Security, we emphasize that cybersecurity should be seen as an investment in the future of your business. The cost of a data breach far outweighs the investment required to implement a robust cybersecurity strategy. Protecting your business now can save you from potential disaster down the road.

Cybersecurity is no longer a luxury or an afterthought for small and medium-sized businesses—it’s a necessity. At Marigold Security, we are committed to helping SMBs protect their digital assets, maintain customer trust, and comply with regulatory requirements. By partnering with us, you can focus on growing your business, knowing that your cybersecurity is in expert hands.

Take the Next Steps

Ready to secure your business? Contact Marigold Security today for a free consultation and learn how we can help you develop a tailored cybersecurity strategy that fits your unique needs.

© Copyright 2025 Marigold Security. All Rights Reserved.