5 Cyber Security Best Practices for Small & Medium Manufacturing Companies

Background image of blue code

By: Jeanette Stevens; Marketing & Outreach Manager, GENEDGE

Is cyber security compliance and breach preparedness a priority for your company?

In 2022 if you are considering top key areas to focus on to keep your small or medium manufacturing business running smoothly and safe from potential cyber-attacks, then having a strong cyber security plan in place should rank at #1.

Cybercrime alone will cost the world $6 trillion annually by 2021. (Cybersecurity Ventures) and with that 77% of industrial companies rank cybersecurity as a major priority. (Kaspersky Labs)

Keeping your company data safe from attacks will take vigilance and action. Every single day of failed cybersecurity planning tactics is a vulnerability that your manufacturing company may not recover from should a data breach take place.

To help you safeguard your company from cyber threats here are 5 simple best practices that can be implemented today:

  1. Protect important data: There is great vulnerability with information passing from server to server. Your companies most critical assets should be protected. Think about the kind of intelligence that is held within company databases and servers: social security numbers, payroll and benefits, bank account information, personal emails, addresses – any of this information could cause devastating consequences should there be a cyber-attack. Create a system to determine who within the organization can have access to important company data. It is important to take inventory of the types of data your company stores, and to make a list of the personnel who are authorized to access each specific type of data.
  2. Make sure to include a Privacy Policy: There are many challenges small and medium manufacturers face when protecting the privacy of its employee base. Online usage makes it even harder for companies to safeguard themselves against potential attacks. For example, visiting unsecure websites, opening, or communicating with emails phishing for information, also new threats like social media and mobile. Create a strong privacy policy by training staff to maintain safe procedures while on and offline, install a VPN, “Virtual private networks, or VPNs, protect users from the prying eyes of hackers as they browse online. Robert Siciliano explains that a VPN "routes data coming from your computer through servers in another location and scrambles it to make it unreadable."  (source: Project Spectrum)
  1. Identify which data is highly sensitive - and protect it: It is no longer enough to simply be compliant with privacy requirements or technical safeguards to the minimum extent possible. Protection of personal information requires giving effect to all privacy principles and practicing privacy compliance throughout the lifespan of the information, including demonstrating accountability, being transparent, practicing data minimization, ensuring appropriate use and disclosure, implementing effective access controls, and abiding by reasonable retention periods and safe destruction methods. (Source: https://gesrepair.com/cybersecurity-manufacturing/)
  2. Ransomware Attacks: Ransomware is the No. 1 threat to SMBs with 1 in 5 reporting that they have fallen victim to a ransomware attack. (Datto) Ransomware attacks often occur on weekends or holidays, allowing as much damage as possible before an attack is even recognized. Defending against ransomware requires a holistic, all-hands-on-deck approach that brings together your entire organization. Developing plans and policies, while maintaining a system for backing up data will sustain your company preparedness and safety.
  3. Update antivirus and systems programs regularly: computers are constantly at risk of getting a new virus, implementing a sound anti-virus program, and updating it regularly helps minimize the risk. “The frequency of updating your antivirus software can vary depending on how you use your computer, but most manufacturers recommend updating it quite regularly, sometimes even every day. You might need to update your antivirus software daily.” (Source: https://www.nstec.com/why-is-it-important-to-update-anti-virus-software-regularly/)

In conclusion, for small and medium manufacturing companies, MEP centers across the country are equipped with the resources and assistance needed when creating a robust cyber security plan. In Virginia, GENEDGE has created an assessment tool intended to allow manufacturers to gain deeper insight into the current state of their security system, and to highlight where they may need to focus to increase the cybersecurity posture.

For questions about implementing cybersecurity planning in your business contact Roy Luebke, Engagement Manager, (276) 732-8372, rluebke@genedge.org