According to a report by Aberdeen, the Certified Information Systems Security Professional (CISSP) gets data from at least 16,000 manufacturers in Canada and the U.S. This data is meant to explore identity challenges faced by manufacturing organizations in the modern world. There are two major challenges they face in this digital era. This include addressing the compliance risks and ever-evolving security problems that come with expanding user access, and managing the permissions and roles of diverse users and a portfolio of applications. These are the most thought of challenges by IT managers, compliance officers, Chief Information Officers (CIOs) and Chief Information Security Officers (CISO).
As a result, three critical points with regards to IT and security are to be considered when developing access and identity management strategy. Firstly, it is now common for users to have access to company data, apps and networks throughout the extended enterprise. This has enabled vendors to work in different locations. However, that has come at a cost of structuring complex systems to suit these needs. As user access grows, it is becoming a challenge to maintain systems and permissions as accessed by third-party users. In the same vein, the reality of potential security threats is getting bigger, hence affecting the cost of maintain systems.
Secondly according to Onelogin, the only to cost effectively and securely connect to growing numbers and applications should be mission critical for any manufacturer. This is because expanding user access comes with increasing business agility. Nonetheless, if this process is done without proper preparation then there is a high likelihood of data breaches, lost user productivity and disruption of critical systems. The Verizon 2017 and 2016 data breach investigation reports showed that crimes involving compromised, stolen or weak user credentials had surged to between 80% and 90%.
Lastly, cyber-attacks are always costly for manufacturers. Considering there is a wealth of confidential information in the system, this information becomes the primary target for cyber attackers. Some of the sensitive data that should be well guarded include mergers and acquisition data, NPI documentation, partner agreements, financials and business plans. Others include schematics and blueprints. Derek Brink reported that manufacturers facing a single identity-related data challenge end up with a fiscal impact of roughly 500 million.