This article appeared in the March 2019 issue of MiMfg Magazine. Read the full issue and find past issues online.

You heard about it on the news. Another security breach, another company falls to ransomware, another list of SSNs is exposed. While you may think “that doesn’t happen to companies like mine,” the hard truth is that it does — it happens every day. Cybercrime is constantly changing and here are three things that we see as grave challenges that every company, especially manufacturers are faced with:

The Constant Change in Threat Landscape

As technology continues to evolve, so do threats. In the past, it took some time for cybercriminals (or the ‘bad guys’) to modify their techniques. We had time to get used to one threat and how to combat it before the next one was released. That just isn’t the case anymore. We now see phishing campaigns being released on a regular basis — and worse yet, they change daily. A single type of phishing campaign can have the email itself, and the exploit, change multiple times through a given 24-hours. On top of that, Cybercriminals are recruiting partners to help distribute the malware. This can easily be compared to multi-level marketing (MLM) — only for malware. These advances in the threat landscape are challenging for business owners and IT departments because it boils down to not having enough time and resources to stay on top of the threats. Which brings us to the next challenge…

The Reliance on Legacy Systems

Many manufacturers are still relying on their legacy systems for production. While in theory, legacy systems may still function, they also create an enormous amount of vulnerability. Legacy systems typically don’t receive security updates and patches, which can expose the entire organization to threats, ransomware, and malware. Manufacturers are in a tough position though. If given two options: continue production on a legacy system and save on upgrade expenses or invest in system upgrades but risk having to slow down production during the process, most manufacturers will opt to continue with the legacy system. We can’t blame them! Production is the very foundation of manufacturing. Slowing down production could result in lower sales and revenue. But at what cost? How much are manufacturers risking by not protecting their data, production designs, etc? You must ask yourself if it’s worth it. Is that something you want to gamble?

Traditional IT Staff Are Not Prepared to Respond to Threats

When it comes to IT departments, we often see a dedicated team of technicians wearing multiple hats. They don’t have the time nor the resources to keep up on all technology demands of them. It is nearly impossible for an IT department to care for the daily tech issues and troubleshooting, let alone have time for strategic planning for the company and combat cybercrime all at the same time. There just aren’t enough hours in the day. To properly protect a company from cyber threats, there are numerous trainings, certifications, and round the clock monitoring that needs to take place. Unless you have a dedicated team to keep up on the constant changes in cybercrime, chances are, your IT team is simply not prepared to protect your company from today’s threats.

As your company continues to grow, are you doing everything in your power to protect it? This is an area where you should seek outside assistance and enlist the services of a qualified Managed Security Provider. A good Security Partner can provide technology, people and processes to keep your business safe.

About the Author

Josh Gembala is the Enhanced Security Services Manager with ASK. He may be reached at 517-676-6633 or jgembala@justask.net.