This article originally appeared on advancedmanufacturing.org. Guest blog post by Elliot Forsyth, Vice President of Business Operations at the Michigan Manufacturing Technology Center, part of the MEP National NetworkTM.
Any business owner knows that information is a vital part of running a company. As manufacturing increasingly becomes more digitized, cybersecurity must become a standard component of doing business. If sensitive information—such as employee records, customer transactions or proprietary data—is comprised, it can have a devastating effect.
That’s why more and more manufacturers are taking steps to protect their information via good information security practices.
While cybersecurity may seem like a daunting issue for small and medium-sized manufacturers (SMMs)—either because of costs or limited technical knowledge—it’s essential that everyone in the supply chain begins to develop practices to protect their—and their customers’—digital property.
According to the U.S. Department of Homeland Security, the manufacturing industry is the second most targeted industry when you look at the number of reported cyber attacks. Why?
Cyber criminals view SMMs as prime targets precisely because many of these companies do not have adequate preventative measures in place. This makes SMMs incredibly vulnerable, which could result in:
The median cost of a data breach is $60,000, according to the 2016 NetDiligence Cyber Claims Study. After a data breach, companies face not only lost business, but they must regain their customers’ trust, which can often be a time-consuming and expensive endeavor.
So what is a smaller manufacturer to do? Fortunately, the National Institute of Standards and Technology (NIST) has developed a practical framework for cybersecurity that can be implemented by businesses of any size. Available online, it can be further explained by local representatives of the MEP National Network, the go-to experts for advancing US manufacturing, who can also help with the implementation of cybersecurity best practices for the near and long-term.
While the NIST Cybersecurity Framework is a comprehensive set of guidelines for companies that want to get a better handle on cybersecurity to reduce and manage risk, it includes a series of simple, low-cost steps that have been tailored to meet the needs of all companies, including SMMs.
For a complete walkthrough, see pages 15–27 of the publication “Small Business Information Security: The Fundamentals”. Here though, is a quick overview of the five steps a manufacturer can take to handle cybersecurity risks.
Five steps any manufacturer can take to handle cybersecurity risks, per the NIST cybersecurity framework.
Identify and control who has access to your business information
For most SMMs, the security of their information, systems, and networks is not the highest priority given everything else they’re faced with. But an information security or cybersecurity incident can be detrimental—or even catastrophic—to their business, customers, partners and suppliers. It’s important that manufacturers understand and manage cyber risks by establishing a cybersecurity program to protect their assets.
If you would like to better understand your current cybersecurity risk, you can use the MEP National Network Cybersecurity Self-Assessment Tool, or connect with your local MEP Center by calling 800-MEP-4MFG.