Cybersecurity and Manufacturers

Cybersecurity is frequently in the news and as the Internet of Things and connective devices increase it is critical to secure these systems. Cisco, a developer and manufacturer of networking hardware and software, defines Cybersecurity as the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Being a cybersecure company requires all levels from the Board of Directors to the support staff be involved. Deloitte, a company that offers industry-leading audit & assurance, consulting, tax, and risk and financial advisory services, has outlined six key themes for cyber risk in advanced manufacturing including

  • Executive Board Engagement which outlines the need for ownership
  • Talent and Human Capital which is seen as the weakest link in the cybersecurity chain
  • Intellectual Property includes top data protection concerns
  • Industrial Control Systems
  • Connected Products
  • Industrial Ecosystem

As of a Department of Defense (DoD) interim rule that became effective on November 30, 2020, all top-level defense manufacturers must require their suppliers to document assessment action towards complying with NIST 800-171. This is the new baseline of what is called the Cybersecurity Maturity Model Certification (CMMC). CMMC is being phased in between 2020 and 2025 and represents one of the strongest cybersecurity protocols in any industry.

More than a third of all cyber-attacks against manufacturers cause over $1,000,000 in damage. According to the Illinois Defense Industry Adjustment Program, the region sees approximately $330,000,000 in defense spending as of 2018. The Rockford Region is one of the five communities in the state to have clear links to the defense manufacturing industry.

Manufacturers in our region has placed cybersecurity at a 70/100 priority in the recent RAEDC Manufacturing Survey from April 2021. IMEC also conducted a survey of manufacturers in Cook County which highlighted urgent needs of manufacturers released in 2021. Companies with 50 or more employees showed an increase in concerns such as Investing in Technology and Cybersecurity where companies with fewer than 20 employees sighted Growth as the primary concern.

Datto, a leading provider of IT solutions delivered by Managed Service Providers, reported that 32% of all ransomware attacks are targeted at the Construction and Manufacturing industries. This is concerning because Small and Medium Sized Manufacturers (SMMs) are often less prepared to handle a cyber event due to a hacker, natural disaster, or a business resource loss. NIST (National Institute for Standards and Technology) offers information that manufacturers can begin implementing prior to an incident.  

There are ways to be more cyber secure including working with partners such as the RAEDC, NIST, and other organizations that offer courses, seminars, or certifications.