The U.S. government’s initiative to boost domestic manufacturing, including the semiconductor industry, brings potential benefits such as job creation, reduced reliance on international trade, particularly with countries like China, and enhanced national self-sufficiency in a vital sector. However, this shift towards onshoring semiconductor production also introduces significant cybersecurity risks.
Bob O’Donnell, President and Chief Analyst of TECHnalysis Research, highlights that semiconductor manufacturing is a prime target for hackers, partly due to changes in supply chains. With new suppliers and vendors being integrated, companies may not have adequate time to assess these partners’ cybersecurity measures. This scenario increases vulnerabilities, as suppliers may not prioritize cybersecurity and engage in risky practices, like using public Wi-Fi for business transactions or storing data in insecure cloud services.
Seongkyoon Jeong, an Assistant Professor of Supply Chain Management at the University of Tennessee, echoes this concern. He points out that onshoring, by expanding a company’s operational footprint and creating new intellectual property (IP) access points, opens up opportunities for data breaches and IP leaks. He illustrates this with an anecdote about a Las Vegas casino where a hacker used an internet-connected fish tank to breach the network, indicating that security breaches can arise from unexpected sources.
Moreover, the risk extends to potential employee poaching by competitors seeking access to valuable IP. Therefore, companies need to implement robust cybersecurity strategies that include technical safeguards and protections against IP theft by former employees.
Amy Broglin-Peterson, a Principal at Win*x Global Advisory and an adjunct professor at Michigan State University, warns of the dire consequences of cybersecurity breaches in the semiconductor industry. Such breaches can compromise smart factory operations, leading to product quality issues and malfunctions in critical technologies, such as those used in jetliners.
To mitigate these risks, Vishal Gauri, President of the Americas at Seclore, advises manufacturers to adopt a zero-trust approach, verifying who has access to sensitive technology and networks. This includes conducting thorough cybersecurity audits of primary suppliers and down-tier suppliers, such as raw material vendors. He suggests developing a supplier cybersecurity readiness scorecard to evaluate vendor performance over time.
Additionally, it’s crucial to secure the data itself, ensuring that access to a company’s data is always verifiable and that the data can be encrypted, decrypted, and, if necessary, access can be revoked retroactively. Manufacturers should stay informed about cybersecurity trends and incidents by following reports from agencies like the Cybersecurity and Infrastructure Security Agency and security news platforms.
Despite these challenges, O’Donnell asserts that the benefits of diversifying the semiconductor supply chain into the U.S. and reducing dependence on foreign chipmakers outweigh the risks. The expansion of the semiconductor industry within U.S. borders offers more options and reinforces the critical nature of this sector.
Get the latest supply chain report news insights at The Supply Chain Report. For international trade resources, visit ADAMftd.com.
#SemiconductorOnshoring #CybersecurityRisks #TechManufacturing #DomesticManufacturing #SupplyChainSecurity #ZeroTrustApproach #SemiconductorIndustry #JobCreation #NationalSelfSufficiency #IPProtection #SmartFactoryRisks #VendorCyberSecurity #PublicWiFiRisks #Seclore #TECHnalysisResearch #WinxGlobalAdvisory #CyberSecurityAwareness #DataEncryption #CISA #SupplyChainManagement #ManufacturingSecurity
