Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Spangler Protected after Cybersecurity Assessment Facilitated by CIFT

About

Since 1906, Spangler Candy Company has been a family-owned and operated confectionery manufacturer in Bryan, Ohio (pop. 8,300.) It is one of the largest lollipop producers in the world, and the only major candy cane producer in the United States.

The Challenge

Spangler recognized the need to keep up with protecting their computer networks, devices, and data from unauthorized access or criminal use,  and with ensuring confidentiality, integrity, and availability of information to their employees and customers. The company needed an assessment of their current cybersecurity protocols, along with implementation and documentation of any necessary changes. Having worked with CIFT, part of the Ohio MEP and the MEP National Network™, before, Spangler reached out again for help.
Spangler Candy's engagement with CIFT and CentraComm was a catalyst towards helping us work towards our cybersecurity Incident Management Plan. Through several on-site tabletop exercises, we were able to formulate how we would respond if certain situations were to occur. During this process we not only worked on our plan but we also learned about what types of services we could leverage from our IT vendors and insurance carriers. This type of strategic planning is vitally important to the long term success of our company.
— Ken Richer, Director of IT

MEP's Role

CIFT brought in a partner, CentraComm Risk Assurance, to first conduct an initial incident management plan template. The next step was to focus on malware and ransomware response practices. CentraComm then developed and facilitated tabletop exercises to train Spangler employees. This work improved the company's cybersecurity position and increased vigilance towards potential threats.
Created November 23, 2024