Manufacturers Must Rethink Cybersecurity to Remain Compliant
Companies are rushing to update their security protocols in line with the General Data Protection Regulations (GDPR) and change the way they handle customer data to protect the personal data and privacy of EU citizens for any transaction originating in EU member states. Businesses the world over are impacted, and one industry that will need to pay close attention to data security is manufacturing.
Why should manufacturers care?
While GDPR is specific to Europe, it also impacts companies with a presence in the EU and organisations that handle the personal data of European citizens. Failure to comply with regulations will be costly -- GDPR allows fines up to 4 percent of a company’s global revenue or penalties up to 20 million euros -- whichever is greater. GDPR will also require organisations to notify EU authorities within 72 hours of a breach and completely erase data when customers revoke their consent.
For manufacturers in particular, the new regulations will influence how they store, process and manage data for customers located in the EU. Any manufacturer that ships to an individual within the EU, employs European citizens or is involved in internet marketing will find themselves subject to GDPR compliance. Additionally, manufacturers handle sensitive data such as blueprints, NPI documents and merger and acquisition deals. This type of information alone makes manufacturing one of the most targeted industries by cyber criminals, and forces manufacturers to re-evaluate how they currently handle the personal data of their customers, employees and partners within the supply chain.
With GDPR due to come into effect on Friday, manufacturers have limited options. Manufacturers looking to stay in the EU will need to re-evaluate their cybersecurity strategies to remain compliant with stricter data regulations.
How manufacturers can meet GDPR compliance and bolster internal security measures
Today, the biggest challenge manufacturers face as they work towards GDPR compliance is consolidating and normalising the disparate data they receive from their various supply chain partners and customers. Before implementing any security protocols, manufacturers first need to understand what personal data they collect, where their data lives, how it is used for operations, and how it is protected.
In order to remain fully compliant with Europe’s data regulations and to avoid hefty fines, manufacturers can take the following steps to secure any personal information stored within their databases:
- Understand what is subject to GDPR: Europe’s new data regulations apply to all companies -- small and large -- that sell goods or services to European citizens. This means companies that collect personal data or behavioural information from someone within an EU country must comply with GDPR, no matter where the company is based. Information collected from EU citizens in an online marketing survey, for example, would be subject to international law regardless of whether or not the company has a presence in Europe.
- Complete a thorough data security audit: Businesses should thoroughly document all of their data in order to understand where it came from, why it’s processed, where it’s currently stored and who it’s shared with. For manufacturers, this means resolving the data chaos flow between various supply chain partners and organising the information collected from retailers, distributors and end customers. Using data flow maps can help manufacturers visualise and track sensitive information as well as identify where that data is processed and stored.
- Centralise all European data centers on a singular platform: To simplify data organisation, manufacturers should consider aggregating and normalising disparate information on a centralised platform. Third-party software providers can also help manufacturers remain compliant with international law by implementing features that controls where data is stored and how it is used. With a centralised security platform, manufacturers can reduce security and compliance risk by unifying disparate partners in upstream and downstream supply chains.
- Invest in a data protection officer (DPO): Depending on the circumstances, some manufacturers may be legally obligated to hire a DPO to oversee data security strategies and compliance with international law. DPOs are responsible for educating manufacturers on compliance, conducting routine data audits and maintaining comprehensive records of all information collected. Before hiring a security officer, however, manufacturers should look for candidates who can manage data protection and compliance internationally while serving as the point of contact between the manufacturer and supervisory authorities (SA).
GDPR forces companies to rethink their existing privacy policies and how they store, process and dispose of personal data. As the EU tightens protections for its citizens’ personal information, organisations all over the world will be forced to re-examine their data security strategies in order to meet the GDPR deadline. For manufacturers, this means getting an understanding of the data they process and how international law will impact day-to-day operations. Manufacturers need to take the necessary precautions to strengthen their cybersecurity protocols and information processes in order to avoid costly penalties.
IMF: Variants Can Still Hurt Manufacturing Recovery
After a year of on-and-off manufacturing in the US, UK, and the eurozone, demand for goods surged early last week. Factories set growth records in April and May, suppliers started to recover, and US crude hit its highest price point since pre-COVID. As vaccination efforts immunise much of the US and UK populations, manufacturers are now able to fully ramp up their supply chains. In fact, GDP growth could approach double-digits by 2022.
Now, the ISM productivity measure has surpassed the 50-point mark that separates industry expansion from contraction. Since U.S. president Biden passed his US$1.9tn stimulus package and the UK purchasing managers index (PMI) increased to 65.6, both sides of the Atlantic are facing a much-welcomed manufacturing recovery.
Lingering Concerns Over COVID
Even as Spain, France, Italy, and Germany race to catch up, and mining companies pushed the FTSE 100 index of list shares to a monthly high of 7,129, some say that UK and US markets still suffer from a lack of confidence in raw material supplies. Yes, the Dow Jones has made up its 19,173-point crash of March 2020, and MSCI’s global stock index is at an all-time high.
Yet manufacturers around the world realise that these wins will be short-lived until pandemic supply chain bottlenecks are solved. If we keep the status quo, consumers will pay the price. In April, inflation in Germany reached 2.4%, and across the EU’s 19 member countries, overall prices have increased at an unusual pace. Some ask: Is this true recovery?
IMF: Current Boom Could Falter
Even as Elon Musk tweeted about chip shortages forcing Tesla to raise its prices, UK mining demand skyrocketed; housing markets lifted; and the pound sterling gained value. The International Monetary Fund (IMF), however, cautioned that manufacturing recovery won’t last long if COVID mutates into forms our vaccinations can’t touch. Kristalina Georgieva, Washington’s IMF director, noted that fewer than 1% of African citizens have been vaccinated: “Worldwide access to vaccines offers the best hope for stopping the coronavirus pandemic, saving lives, and securing a broad-based economic recovery”.
Across the globe, manufacturing companies are keeping a watchful eye on new developments in the spread of COVID. Though US FDA officials don’t think we’ll have to “start at square one” with new vaccines, the March 2021 World Economic Outlook states that “high uncertainty” surrounds the projected 6% global growth. Continued manufacturing success will in large part depend on “the path of the pandemic, the effectiveness of policy support, and the evolution of financial conditions”.
Mathias Cormann, secretary-general of the Organisation for Economic Co-Operation and Development (OECD) concurred—without global immunisation, the estimated economic boom expected by 2025 could go kaput. “We need to...pursue an all-out effort to reach the entire world population”, Australia’s finance minister added. US$50bn to end COVID across the world, they imply, is a small investment to restart our economies.