• Advertise
  • Contact Us
  • Supplier Directory
  • SCB YouTube
  • About Us
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Parcel & Express
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Robotics
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Customer Relationship Management
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • Green Energy
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • Sourcing/Procurement/SRM
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Management & Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Warehouse Automation
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • WHITEPAPERS
  • VIDEOS
Home » Blogs » Think Tank » Lessons in Cyber Resiliency That Manufacturers Can Learn From Healthcare

Think Tank
Think Tank RSS FeedRSS

Lessons in Cyber Resiliency That Manufacturers Can Learn From Healthcare

A GRAPHIC REPRESENTATION OF CYBER SECURITY NETWORKS

Photo: iStock.com/cemagraphics

December 2, 2022
Gus Malezis, SCB Contributor

The manufacturing sector has reached an inflection point in its digitization journey. The availability of high-powered mobile devices (smartphones, tablets and the like), the industrial internet of things (IIoT), massive data creation, artificial intelligence, cloud-based technologies and the drive for competitive advantage have sparked a transformation not seen since the advent of the assembly line. 

In many cases, what was once a discrete location with on-site workers has become a massively interconnected and scaled hybrid world of digital and remote systems and employees. Warehouses and factories have transformed into global networks of automated systems, enabling significant operational and workflow efficiencies. At the same time, the digitization of supply chains has accelerated already complex infrastructures and diversified workflows with more users, roles and third parties that need access to sensitive information and infrastructure.

Securing this type of environment without disrupting employee workflows and bringing productivity to a grinding halt is seemingly insurmountable. However, this level of complexity isn’t unlike that of another dynamic industry — one with hyper-strict regulations and complicated workflows. One where getting it wrong can have life-critical consequences: healthcare.

Much like manufacturing, the healthcare sector is rapidly advancing toward a digital future reliant on new technologies that provide fast access to systems, applications and data while also managing and mitigating security risks. While each industry has its own nuances and challenges, commonalities are evident in the high degree of IT complexity and rapidly changing access requirements that must remain compliant and secure. And of course, the impact of a cyberattack or data breach on either sector can be paralyzing, resulting in essential resource shortages and devastating human outcomes. 

Is There a New Security Perimeter?

The attack surface for most manufacturing organizations has grown exponentially, catalyzed by the rise of digital warehouses, mobile technology and IIoT, which make traditional perimeter security harder to enforce. This isn’t lost on cyber criminals, who continuously evolve their tactics to breach organizations from every angle. While traditional endpoint or “perimeter-based” security made sense when networks and users were located almost entirely on-premises, networks of today require IT and security teams to control access to applications and resources through the authenticated identity of an individual or device.

Commonly referred to as “identity security,” this approach is the foundation of zero trust, and focuses on the digital identity of the requestor to ensure that only the right users or devices are provided access to the data and resources they need. If identity validation fails, access is not permitted. Though the concept of zero trust isn’t new, the adoption of technologies necessary to facilitate a zero-trust architecture are evolving.

The Appeal of Healthcare and Manufacturing 

Both healthcare and manufacturing organizations hold extremely valuable and proprietary data, and operate within IT ecosystems that are among the most complex on earth.

For financially motivated attackers, hacking systems to sell personal health information on the black market can be highly lucrative. For others motivated by malice — like state-sponsored hacker groups — the potential human safety impact of compromising healthcare systems is highly appealing.

Similarly, attacks on manufacturing organizations are becoming more pervasive, given the power to impact global supply chains. Consider the U.S. infant formula shortage earlier this year , when safety concerns prompted an operational shutdown by one of three major formula producers and resulted in significant and persistent national disruption. Imagine the large-scale distress if a cyberattack were to simultaneously take out two or even three of these producers, affecting populations across countries, continents, or the world.

The pandemic also caused huge disruption throughout both sectors. In healthcare, the rapid transition to telehealth, coupled with an unimaginable influx of patients and new clinicians, resulted in the adoption of technologies that worked but created new access points for bad actors to breach. Likewise, manufacturing transitioned to remote working, embraced new risk-management tools and implemented advanced analytics. In both cases, accelerated digitization illuminated security gaps that continue to widen.

Using Digital Identity

In the spring of 2022, the Biden Administration addressed today’s evolving cyber threats by releasing a federal strategy to move U.S. government agencies to zero trust standards. The executive order was released during rising attacks from the Russia-Ukraine war, with the goal of improving security and reducing cyber threats across the public and private sectors at a critical time.

A zero trust architecture is designed to put logical barriers around applications, forcing users to be authenticated, authorized and continuously validated before being granted access to applications and data. This requires a comprehensive digital identity strategy that enables seamless and compliant user workflows — an approach that the highly regulated healthcare industry is widely adopting.

Manufacturers can take a page out of healthcare’s playbook by focusing on four processes and technologies that lay the groundwork for zero trust:

  • Implement lifecycle provisioning and de-provisioning. It’s critical for all organizations to know who has access to what systems, and the degree to which an individual can access these systems under specific conditions. Similarly, ensuring you can automatically modify and revoke access as users change roles or leave the organization is crucial to letting the right people in and keeping the wrong people out. Identity-governance tools can deliver role-based access without manual intervention. 
  • Create user checkpoints with multifactor authentication (MFA). Compromised user credentials are one of the most common initial attack vectors, so requiring two or more verification factors to gain access to network resources is of the utmost importance. MFA enables you to provide a secure, auditable chain of trust for remote network access, cloud applications, and other critical systems and workflows. Non-intrusive modalities such as biometrics and proximity-based authentication accomplish this without creating user barriers.
  • Enable a passwordless experience. Enforcing complex passwords is a security best practice, but not entirely realistic when employees must enter them into multiple applications all day, every day. Single sign-on technology eliminates password fatigue and improves compliance by reducing the need to enter usernames and passwords to access on-premises and cloud applications, shared workstations and virtual desktops. 
  • Practice the principle of least privilege. Make sure you’re not giving employees and third-party vendors more access than they need by providing just enough to complete their work, and nothing more. Privileged access management prevents overprivileged users through granular policy control at the system level. This is a corollary of step one above, and can be implemented effectively and with relatively low burden.

Today’s manufacturing organizations are increasingly complex. The key to success is ensuring that complexity doesn’t lead to elevated security risk. Implementing a digital identity architecture that enables a zero trust operational model, along with fast and efficient access for the right users, strikes the correct balance of access and security. Consider how healthcare has bolstered defenses and remained agile amid surging attacks. By drawing on insights and best practices from other sectors, manufacturers can make faster strides in advancing their cyber resiliency.

Gus Malezis is chief executive officer of Imprivata.

Regulation & Compliance Supply Chain Security & Risk Mgmt Healthcare Industrial Manufacturing

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Featured Product

Popular Stories

  • 005_veteran_winemaker_gallo_embarks_on_an_ai_journey_v2-(540p).jpg

    Watch: Veteran Winemaker Gallo Embarks on an AI Journey

    Artificial Intelligence
  • SCB_Q326_Made4Net_Top5_THUMB.jpg

    Five Costly WMS Selection Mistakes Warehouse Leaders Keep Making

    Logistics
  • A UNIFORMED OFFICER STANDS NEAR A HIGHWAY WITH TRUCKS ON IT

    U.S. Customs Ramps Up AI Investment in Push to Sharpen Enforcement

    Artificial Intelligence
  • A MAP OF THE STRAIT OF HORMUZ SHOWING DOZENS OF BLUE DOTS DISTRIBUTED THROUGHOUT THE WATERWAY

    Traffic Flows Through Hormuz Despite Shock Ship Attack

    Global Gateways
  • On Demand Webinar 4flow Thu Jun 25 2026.png

    How Mars uses 4flow's AI platform for Logistics optimization

    Webinars

Digital Edition

2026 esg cover main scb q2 2026 cover

SupplyChainBrain 2026 ESG Guide: ESG — The Supply Chain’s Biggest Secret

VIEW THE LATEST ISSUE

Case Studies

  • Recycled Tagging Fasteners: Small Changes Make a Big Impact

  • A GRAPHIC SHOWING MULTIPLE FORMS OF SHIPPING, WITH A HUMAN STANDING AT THE CENTER, TOUCHING A SYMBOLIC MAP OF THE WORLD

    Enhancing High-Value Electronics Shipment Security with Tive's Real-Time Tracking

  • A GRAPHIC OF INTERLACING HONEYCOMBED ELEMENTS REPRESENTING GLOBAL BUSINESS TRANSACTIONS

    Moving Robots Site-to-Site

  • JLL Finds Perfect Warehouse Location, Leading to $15M Grant for Startup

  • Robots Speed Fulfillment to Help Apparel Company Scale for Growth

Visit Our Sponsors

4flow Arkieva Blue Yonder
Carton Cloud CoEnterprise Dassault
Duravant E2Open EPG
General Logistics Systems GEP Hy-Tek
iGPS Korber Lyngsoe
Procurability Quinyx SAP
Sikick Staples Systech
S&P Global Mobility TADA Tive
TransImpact US Bank Werner Enterprises
WSI
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Email Preferences
    • Newsletters
  • Resources
    • Events Calendar
    • 2026 Event Coverage
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2026 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing