There’s a popular saying in cybersecurity circles: Businesses today fall into two categories—those that have been hacked, and those that have been hacked but don’t know it yet.
Clearly, cyber-attacks are becoming increasingly sophisticated and frequent, with a reported 4,000 attacks on small businesses each day. These attacks take many forms, from ransomware to spoofing to phishing, among others, and for most manufacturers, just one cyber-attack could be catastrophic. Guarding against cyber threats may seem to be a daunting task, but it is no longer optional; cybersecurity is a business decision, and there are methods and safeguards that can help protect your company from cyber threats. Below is a list of strategies for avoiding dangers from both inside and outside of your business.
Address the Human Component of Cybersecurity
Employees within a company may not be aware that they are responsible for the majority of security breaches that occur. In fact, more than 61% of cyber-attacks involve end users, or inside users who have access to sensitive data as a part of their job. Additionally, 63% of attacks stem from password breaches due to employees using weak or default passwords. As a result, it is necessary to educate staff about the implications of cybersecurity and how their actions may impact it. Lower the possibility of cyber criminals hacking into accounts by enforcing password complexity and prohibiting password reuse. Screening employees prior to entrusting them with confidential information also could prevent security breaches. Implement ongoing training on cybersecurity procedures to keep policies and practices top of mind.
Limit & Control Access
Have you considered how your physical facility may be enabling cyber-attacks? Think about who has access to what, and how secure your building and systems are. By limiting access to organizational systems, equipment and operating environments to authorized personnel only, your business will be significantly more protected from outside threats.
Conform to the Latest Security Standards
Because cybersecurity presents a growing risk to industries nationwide, government agencies increasingly are instituting formalized cybersecurity requirements for businesses to follow. The National Institute of Standards and Technology (NIST), for example, has developed the guiding document for contractors working with the Department of Defense (DoD). NIST 800-171, as the publication is called, requires these manufacturers to become compliant in 14 policy areas, all dealing with information security and by Dec. 31, 2017. If your existing contract says that you must meet all DFARS requirements, then by signing this contract you are obligated to meet these cyber security requirements by December 31, 2017. Future DoD contracts are at risk for those who do not comply. This risk is real, and it’s not going away. In reality, cybersecurity is only going to grow for our state’s manufacturers, as automotive OEMs are developing plans for a consistent approach to cyber requirements. Other industry segments are looking to do the same.
An Invitation to Learn More
For those interested in learning more about this subject, the upcoming Integr8 conference in Detroit, hosted by Automation Alley, will cover cybersecurity, as well as a number of other issues currently facing manufacturers. The one-day conference on November 9th will feature more than 70 speakers who will discuss topics related to the eight technologies currently disrupting the manufacturing industry, including big data, cloud computing and additive manufacturing.
The cybersecurity session that I will be a part of will focus on a seven-step approach to navigating cybersecurity and the importance of prioritizing information security within your business. Those who attend the conference gain insight into new technologies that are becoming a part of the industry, understand what the future of manufacturing looks like, and how to handle the increasing threat of cybersecurity. To learn more or to register, visit https://automationalley.com/integr8.
MEET OUR EXPERT
Vice President of Business Operations
Elliot Forsyth is Vice President of Business Operations at the Michigan Manufacturing Technology Center (The Center) where he is responsible for leading practice areas that include cybersecurity, technology acceleration, marketing, market research and business development. The Center plays a lead role in coordinating and streamlining technology-related services to Michigan’s established industries and in assisting businesses to diversify into new and under-served markets.
As a National Institute for Standards and Technology (NIST) affiliate, The Center has developed a state-of-the-art cybersecurity service for companies in the defense, aerospace and automotive industries. Over the past two years, Elliot led this effort and expanded his expertise in cybersecurity, supporting Michigan companies to safeguard their businesses and maintain regulatory compliance. As a result, Elliot has been quoted and interviewed by print, broadcast and online media outlets, as well as presenting at numerous conferences and events.
Prior to joining The Center, Elliot spent more than 20 years gaining broad, global business experience in high tech and manufacturing companies. He has a proven track record and practiced methodologies to transform global corporations for high growth and profitability.
Since 1991, the Michigan Manufacturing Technology Center has assisted Michigan’s small and medium-sized businesses to successfully compete and grow. Through personalized services designed to meet the needs of clients, we develop more effective business leaders, drive product and process innovation, promote company-wide operational excellence and foster creative strategies for business growth and greater profitability. Find us at www.the-center.org.