Apr 26, 201812:49 PMMaking Madison
with Buckley Brinkman
Get excited about cybersecurity — no, really!
(page 1 of 2)
Learning new things excites me.
A recent trip to Detroit proved it again as our MEP National Network team worked to make sense of cybersecurity for small- and medium-sized manufacturers (SMMs) across the country. It’s a fascinating quest because the subject area is so broad and high and deep — plus it changes every week. The outcomes hold serious consequences for everyone involved, which presents a major challenge for the MEP system charged to devise practical solutions. I’m a neophyte in the area, so my knowledge base expanded by a huge percentage. Exciting stuff, with much more to come!
Of course, I wanted to share my excitement and new knowledge as quickly as I could, so I visited a local executive to fire him up. Cybersecurity is a critical issue that will affect everyone and becomes more serious every day. Surely, the details would fire up my friend and he would be as excited as I was. Yet, the further I pushed, the more I thought a yawn would be a better reaction than what I got.
“Why aren’t you more excited?” I asked.
“I fail to see how this has much to do with me,” he responded. “I’m way too small to be anyone’s target and even if they attacked me, there’s nothing here that anyone would want.”
CRASH went my excitement. Everyone should be engaged, yet it wasn’t the case here. Of course, I’ve also learned that once “should” enters a sentence, nothing ever works the right way.
All this pushed me to think about why more people aren’t paying attention. Are we too busy? Not aware? Think that nothing can be done or we’re in a low-risk situation? I’m not sure.
How many of you have participated in a “white hat hack,” where an expert tries to breach your organization’s virtual and physical facilities? One of my friends works at a company that contracted for one of these test hacks. The company lost control of its entire operation in less than two weeks. Servers, networks, systems, bank accounts, and physical assets were all breached. Ironically, the best-protected company facility was breached through a wireless printer. Modern hacking techniques make everyone vulnerable.
I hear you saying, “I fail to see how any of this affects me. My operation is too small and has minimal value to anyone else. Besides my IT guy takes care of it for me.”
Let me give you three reasons to jump in:
- The first steps are easy;
- Your customers will demand it; and
- Proactivity may save your company.
Small steps and persistence can make a big difference.
Take the first easy steps. Forensic studies show that 80–90% of cyber events are enabled by poor software patching, compromised credentials, or employee actions. Most companies will not be victims the first day a virus is introduced, so running current software with all the updates in place prevents many attacks before they happen. Next, passwords and usernames rarely prevent any but the most casual attacks. Multifactor authentication should protect your accounts and facilities. Finally, train your employees to make them smarter about the threats to both the company and their personal accounts. These three actions close major hacking doors and will make your organization more secure.