Manufacturers Must Build a ‘Cybersecurity Culture’
February 15, 2019
‘You need to take steps at every level to protect yourself in the supply chain’
At a recent panel discussion on cybersecurity hosted by CBIA and CONNSTEP, the packed room heard from industry experts on how to best protect their businesses and employees from cyberattacks.
The panel included David Huang, assistant U.S. attorney; Carl Jackson, engineering director, Sikorsky, a Lockheed Martin Company; Garry Feldman, president, U.S. Computer Connection; Ray Swanson, president and general manager, Tornik; and Jean Lehman, NIST Standards project manager, Polaris MEP.
Jackson, who has worked in various roles for Sikorsky and has over 37 years of experience in engineering and information technology, suggested all businesses take a risk-based approach
to their cybersecurity needs.
“Conduct a risk assessment of your organization by identifying vulnerabilities and points of access,” he said.
Companies should then prioritize and establish steps to address each one, he added.
First Line of Defense
Jackson explained that employees are the first line of defense when it comes to cyberattacks.
They need to be educated on strong online behavior measures to deter rogue activity.“To build a cybersecurity culture, you have to talk about it,” said Feldman, adding that conversations with employees are critical to controlling risk. Click To Tweet
Feldman’s organization, U.S. Computer Connection, has provided cybersecurity help to small businesses
for over 20 years.
Tornik’s Swanson expressed a similar sentiment about engaging employees. His company suffered a cyberattack that nearly drove the company out of business.
The company’s data, assets, and proprietary customer information were hacked and held for ransom by cyber thieves using malware.
After struggling for two days with his IT team to access encrypted files, they were ultimately unsuccessful and ended up paying the ransom.
Fortunately, all but three files were released, but the very next day, the cyber criminals attempted to access Tornik’s network again. The company, however, now had strong protection systems in place to prevent it.
Swanson also stressed the importance of having a cybersecurity plan in place, and Huang agreed.
Initially, Swanson did not have a plan, and it almost cost him his business.
The company changed protocols, installed a backup system and better firewalls, implemented cloud-based services, and educated all employees on smarter prevention measures.
“Before your organization gets hacked, prepare and practice your incident response plan,” Huang said.
He added that law enforcement, particularly the FBI, can help, but an organization’s response plan is top priority when it comes to recovering from an attack.
Lehman advised manufacturers to reframe their mindset when it comes to cybersecurity.
“You need to take steps at every level to protect yourself in the supply chain,” she said.
She added that protecting assets, particularly cybersecurity, should be a key part of risk management when it comes to working with vendors.
CONNSTEP helps manufacturers better understand cyber threats and ensure compliance with minimum federal standards. For more information, contact us at 1.800.266.6672 or online at www.connstep.org/contact/.
Dean Simmons (email@example.com) is the content and campaign strategist at CONNSTEP.
“CONNSTEP solved a huge problem for us and helped us bring our delivery rate to 100%. As a direct result of that, we have been awarded with an increase in business which, ultimately, will also benefit (our supplier) Har-Conn.”
“I see great value in the new experiences and perspectives CONNSTEP brings to our business, at reasonable prices. They’re not like consultants, they’re like partners in the business – willing to roll up their sleeves and help.”
“CONNSTEP has proved to be a tremendous resource for ESI. CONNSTEP has helped us to adapt to today’s marketplace and remain a quality minded, competitive global player. Our ISO/TS16949 implementation process was efficient and rewarding. I look forward to our future projects with CONNSTEP.”
“CONNSTEP worked with FuelCell Energy to educate and facilitate Lean initiatives and to help meet our needs to establish an overall production improvement plan. This plan has been utilized over a period of time as a ‘guiding light’ to spur numerous improvements that dramatically reduced our product cost.”
“CONNSTEP is a valuable partner to Hologic, providing the expertise and ‘outside eyes’ everyone needs to keep their continuous improvement on track. We are now well-positioned on a dynamic growth path and look forward to a long-term relationship with CONNSTEP.”
“Our experience working with CONNSTEP has brought us benefits we never expected. It’s a great team to work with!”
“The goals of the team were to reduce manufacturing lead-time, reduce floor space utilized, and increase worker productivity. All the goals were met. CONNSTEP helped us to better compete.”
“The Business Growth Program is working well for us. We enhanced our website following the meetings to improve our SEO and become more visible to search engines. The segment on negotiating … promoted changes in our thinking and improved how we interact with customers. The mentoring between sessions was helpful in boosting our progress.”