It’s important for everyone — manufacturers and others — to recognize the threat of cyber attacks and how to prevent them. The vulnerabilities exploited by cybercriminals can shut down your operations, requiring your company to spend thousands of dollars on enhancing security measures and reassuring customers you’re still trustworthy.
One of the challenges manufacturers often face regarding cyber threats is that they're not sure how vulnerable they really are. Have you ever thought about how you can assess your company's vulnerability level? Wouldn’t it be great to be able to better understand where your company lands in meeting its cybersecurity needs?
Fortunately, it's easier than you may think. You can get started by using the MEP National NetworkTM Cybersecurity Assessment Tool to self-assess the level of cyber risk to your business.
As you may know, the National Institute of Standards and Technology (NIST) released the five-part Cybersecurity Framework, which has become the standard for cybersecurity in the manufacturing and many other industries. MEP’s self-assessment tool is based on the Framework and follows its five categories: Identify, Detect, Protect, Respond, and Recover.
After you’ve provided some basic information about your company including the state of residence, you can begin to use the assessment tool. Keep in mind that NIST and the MEP National Network do not retain any information about your company, other than its location. Your score for each step of the Framework will not be recorded. You may want to take note of your score in order to track your progress when you use the tool again for a re-assessment.
The first part of the self-assessment tool relates to the existing structures and practices that help identify cyber threats to your company.
Topics covered in this section include:
The answer choices are straightforward; most require only “yes,” “no” or short answers.
Next, the tool goes into the Protect category of the NIST Cybersecurity Framework and discusses system protection. Be prepared to give answers about matters such as:
The Detect category of the NIST Cybersecurity Framework assesses how well you are equipped to detect malicious threats to your systems. You'll answer questions related to matters like:
The Respond portion of the Framework checks to see how well your business is prepared to take action after detecting a cybersecurity threat or incident. The questions cover topics such as:
The Recover category deals with the practices you have in place to help your business recover after a cybersecurity incident. The section covers:
After you finish with the questions within the Recover section, the tool shares a few recommended resources before it generates your score.
If the assessment shows that issues exist in any part of your cybersecurity strategy or if you're weak in a certain area outlined in the NIST Cybersecurity Framework, your local MEP Center will be able to help you reduce the risks to your manufacturing business. One of the resources provided after you complete the assessment is a link to an interactive map of Manufacturing Extension Partnership (MEP) Centers, You can search by state or location to find your local MEP Center.
Remember, the first step to making a change is knowing a problem exists. Use the MEP National Network Cybersecurity Assessment Tool to arm yourself with the knowledge, and take action!