The Cyber Security Threat is Real
In 2010, a malicious software package called “Stuxnet” was discovered attacking Iranian uranium processing facilities. This malicious software (“malware”) was written specifically to target and disrupt Siemens PLCs. The goal was to cause industrial equipment to self-destruct, while simultaneously reporting to control systems that everything was operating normally.
In 2012, another piece of malware named “Medrea” was discovered copying CAD drawings from companies in Peru and sending them to China. The same malware also sent copies of users’ Outlook contents (emails, calendars, contacts, and more!) to China as well. Just imagine – with this information in-hand an attacker could apply for product patents before the original creator had even built a prototype!
Finally, recall the Target credit card breach in 2013. 41 million credit card numbers and 70 million sets of personal information were compromised. Initially Target offered to pay $10 million in settlements, but by the time the dust settled, the total cost of the breach cost them almost $300 million dollars.
We could go on, but our point here is that cyber attacks cost a lot, especially for manufacturers. Between equipment downtime and the potential of losing a federal procurement contract due to data breach, cyber threats cannot be ignored.
- The cost of a cyber incident increases by approximately 60% if it’s not detected within 30 days
- Average time for a US company to detect a cyber security breach is 76 days
- The total expected cost of ransomware in 2019 is $11.5 billion
What can I do about it?
Threat actors have realized that attacking companies – especially manufacturers – is much more lucrative than attacking individuals. Proper cyber defense requires multiple layers of protection including people, processes, and tools. Here are some common solution components used to bolster a company’s cyber security:
- Security Control Assessor
- Secure Software Assessor
- Security Architect
- Security Analyst
- Systems Security Analyst
- Change Management
- Incident Response
- Awareness Training
- Penetration Testing
- Security Audits
- Endpoint Protection
- Intrusion Detection Systems
- Next-Generation Firewalls (NGFWs)
- Backup/Disaster Recovery
“Where do I Start?”
Your first step is to figure out who in your company is responsible for cyber security. Cyber security initiatives, just like Lean, Quality, and Safety initiatives, need an internal champion to take ownership, drive adoption, and help steer projects around organizational challenges.
Next, have your champion call us. Whether you need a little cyber security tune-up or you want to find a trusted Cincinnati-based IT company to assume all your cyber security responsibilities, we are here for you. Just complete and submit the form below and someone will contact you within 8 business hours.