Manufacturers: Don’t overlook security as you become more agile
- Posted on October 6, 2021
- Estimated reading time 4 minutes
Manufacturers know they need to be more agile in responding to challenges and opportunities created by changing customer needs and industry trends. Many are changing their business models, moving into new markets, and providing greater choice and personalization with enhanced connections across partners, suppliers and customers.
But unless manufacturers ensure these changes and innovations are implemented securely, they could be raising risk, not revenue, as well as facing a range of compliance consequences.
Defense and offense
One reason for manufacturers to become more agile and adaptable is defensive: to respond to continual challenges in the marketplace and beyond. Another reason has far greater implications for most manufacturers: everything about the products they make and sell is changing. Business models are increasingly turning to product-as-a-service. Auto manufacturers seek to sell mobility services rather than just cars; office copier manufacturers sell as many pages as their customers care to print, rather than selling the machines that print them.
To make product-as-a-service succeed, manufacturers can’t walk away from their customers after a sale, or merely offer traditional after-sales service. They need to revolutionize their customer experience, becoming more engaged with the customer before, during and after the sale, in order to personalize their offerings and when and how they provide them. All that requires customer data, much more customer data than they’ve ever needed before. For example, while the traditional auto maker may focus on making the customer’s service visits more efficient; the mobility services manufacturer focuses on keeping cars on the road longer between those visits—which requires experiential data about how and where customers drive those cars.
Data is king
A world in which data is king is also a world in which data loss, data corruption and data leakage compete to be royal assassins. Bad actors aren’t the only source of risk. Some blame goes to inadequate data recovery systems, inadvertent mishandling of data and failures to fully capture data in the first place. Many manufacturers don’t even know where their data is, how they should protect it, assign owners to it, and create and implement governance around it. Manufacturers need to address all these sources of data insecurity. At stake: their brand reputations, loss of revenue, compliance penalties, and loss of customers and ecosystem partners.
To enjoy both organizational agility and security, manufacturers should look both high and wide: High, to a secure cloud environment that fully facilitates compliance while being finely tuned to manufacturing needs. And wide, to encompass both the customer and partner ecosystems with data privacy and data security.
Big-bang projects and lengthy transformation programs won’t get manufacturers where they need to go; these traditional paths are the opposite of agility. Instead manufacturers should adopt a goal of digital maturity, an ongoing journey of continual improvement and innovation in short iterations with clear direction. This approach is the baseline for how business gets done in a world of continual change.
This approach also incrementally infuses security into every stage of the manufacturing process—including the software development process itself. Security also has to be built into the continual update cycles, to stay ahead of emerging threats. Models including digital twins are vital tools in developing products, but every time the manufacturer updates a model it introduces a new risk of data leakage or corruption that has to be addressed.
Four first steps
The factors a manufacturer needs to consider in order to safeguard its organizational agility are considerable—and keep expanding. This can make it challenging to know where to begin. Based on the security-related work we’ve conducted for manufacturers around the world, here are first steps we often recommend:
- Develop a detailed understanding of how you safeguard data security and privacy today and identify the new needs you’ll create as a result of adopting new customer experiences and business models.
- Ensure your security planning aligns your business goals and models with your security strategy. That means mapping your current and future state against the businesses risk, as well as requirements of your corporate security policies, regulatory compliance needs and contractual obligations. Build both short- and long-term maps to guide you.
- Review your plan components to identify those that you can implement via in-house resources, and those that could benefit from outside resources. Engage that assistance early to reduce the risk and cost of re-work.
- Include governance policies and practices in your plan. The governance you create up front also should be designed to continue into the long-term, to reduce the impact of future changes and security protections, and to help ensure that your transition to new products, services and business models is as smooth as possible.
These are generalized steps, of course; your journey must be tailored to your specific needs. Let Avanade help. Avanade has more than 3,000 manufacturing specialists and works with most of the world’s largest manufacturers. This year, Avanade and Accenture were named the 2021 Microsoft Global Alliance SI Partner of the Year for the 16th time, as well as the Automotive Partner of the Year, a finalist for Manufacturing Partner of the Year, and Microsoft Security 20/20 Winner for Zero Trust champion—SI.