Are WNY manufacturers adequately prepared to defend against hacking of their information systems, or invasion of their critical data files containing employee and customer records?
Whether it be stolen financial or confidential employee information, a single machine or complete plant shutdown, or the acquisition and theft of Intellectual Property by persons inside or outside your company, the fallout can be nothing short of devastating. Ignoring the growing threat in our world today, or simply applying Band-Aid solutions when problems are discovered sometime after the infiltration has occurred, can be a very costly and even fatal mistake for the future of your business.
Numerous studies have shown that the manufacturing sector is on pace to become the second most targeted industry, next to financial institutions. In some cases, manufacturers have gone out of business within 9 months of a data breach incident, simply because their customers no longer trusted them with their proprietary data. Therefore, there is no time more important than now for manufacturers to have preventive measures, controls, policies and procedures in place. This is not just a task, or once-and-done event, since cyber security must be a core strategy and protocol that exists 24/7 within the organization.
Just ask your staff a few questions-what version of Windows are you running on shop floor controllers, and when was the last patch update applied? Anything running on Windows XP, which is hacker prone since support for it was suspended years ago? Are your production machines connected via a network with the same interface that your business system is connected to the outside world? What are your policies related to use of company electronic devices on public Wi-Fi networks? Do your employees use their company devices to access personal email and other non-business sites during the workday? Do you require a multi-factor authentication protocol in order to log onto any company device? Do you have a Business Continuity or Disaster Recovery Plan? Have you conducted a phishing exercise of your employees, to gauge their vulnerabilities when confronted with a suspect email, document, or phone call?
If you think this can’t happen to you, you are perfectly positioned in that high risk group. Remediation can cost from tens to hundreds of thousands of dollars, and the future of your business could hang in the balance. Like vandalism or a natural disaster, a hacker can put your company on its knees, and out of business. Be prepared, having been fore-warned, and look at what you can do now, and address these items in a priority-phased, timeline-driven approach.
Both the National Grid and NYSEG Manufacturing Productivity Grant programs will support a Defense Federal Acquisition Regulation Supplement (DFARS) NIST 800-171 Compliance Audit and Remediation Plan Project, delivered through Insyte Consulting. Even if you are not a defense contractor supplier, this comprehensive investigation and analysis of your readiness in the technical, physical, and administrative aspects of your business will give you a robust roadmap to significantly reducing your vulnerability in this sophisticated and progressively complicated digital age. As English Author Douglas Adams wrote, “There is no point in using the word “impossible” to describe something that has clearly happened.”
For more information, please contact Ryan Case (rcase@insyte-consulting.com) or Dave Hanitz (dhanitz@insyte-consulting.com)