USAMfgHour Twitter Chat Recap for February 27, 2020
This week, Joanna Johnston of Estes Group (@EstesGroup) hosted an informative chat for our #USAMfgHour participants on ERP and manufacturing IT security.
Did you know that 43% of cyber attacks are against small businesses with less than 250 employees and that 60% of those businesses will close within six months? Joanna shared this startling statistic from Verizon’s 2019 Cyber Report to start off the chat and then asked what participant companies are doing to keep their IT systems safe. Answers varied, but most people said they either have an in-house IT team, an IT vendor, or a combination of both to help them stay vigilant and safe. @NJMEP said, “We ensure to send out consistent reminders about Cybersecurity tips and best practices. They are sent to all employees. There is also a yearly test all employees must take that reviews the basics of personal #cybersecurity.” [Do you test your employees on their personal cybersecurity?! Let us know in the comments] Joanna suggested that companies start with Good Cyber Hygiene to increase their cyber security. They can do this by requiring dual-factor authentication, employee training, regular data backups, and keeping up-to-date anti-malware deployed on all equipment accessing the internet.
Joanna next asked participants whether they or other businesses they work with have been victims of ransomware attacks after sharing that Accenture’s 2019 study found that ransomware payment demands increased by 21% between 2018 and 2019 and that the average ransomware payment is over 41,000. A few participants said they knew someone who’d been affected, but, thankfully, most of them hadn’t. @DCSCInc said that a ransomware attack nearly shut down one of its $150MM clients for a week and that it took a lot to straighten out. Joanna shared that almost every company has experienced or knows another company that has been a victim of ransomware, yet only 60% of companies have a data recovery plan in place. She said that having a good data disaster & recovery plan will minimize business impact in the case of a breech.
Next, Joanna asked whether participants are protecting themselves from vulnerabilities around IoT and smart manufacturing? Joanna warned that basically anything with a connection can be hacked: computers, smart equipment, medical devices that use transmission. She added that many companies have former users or old computers that still have access to internal company systems that present potential cyber vulnerability points. @CVTPlastics, @AxisNJ, @MezzGate and @SocialSMktg all showed concern around this area and mentioned that they will be looking into it further. @NJMEP expressed how important it is for manufacturers to make cybersecurity a business strategy to ensure understanding of potential risks and increase protection.
Joanna then moved onto the new Cybersecurity Maturity Model Certification (CMMC) for Department of Defense contractors. None of this week’s participants currently work with the DoD, but were interested to learn more about the program. Joanna said, “If your company is a direct supplier to the DoD you might already know you need to comply. But CMMC will affect companies within the supply chain. If you supply a DoD supplier, you too might need to comply with CMMC.” She further stated, “We work with many ITAR compliant companies – and know the depth of requirements for CMMC. Companies cannot self-certify and instead companies are assigned levels & require a Certified 3rd Party Auditor to certify them. Its a big deal coming down the pipe.” Learn more about CMMC in Joanna’s blog post. @NJMEP shared their resource on this, too.
The next thing discussed was whether participants have an all-in-one sales, operations, warehousing, and finance system or whether they’re still separated. Everyone who responded said they are still separated. Joanna responded by saying that 2 out of 3 manufacturers and distributors running #Epicor ERP report efficiency gains over 20%. ERP systems gather & report real-time production metrics, accounting & costs, drive overall company effectiveness, & increase customer satisfaction.
Joanna closed out the chat by asking participants what new policies or practices might you want to deploy to be safer around cybersecurity? @LiftWisco is checking into their IT security/recovery plan to make sure the company is protected. Everyone else who responded said their #1 priority is getting informed on the topic and doing what they can to help make sure proper security is there.
On March 5, 2020, Bill Garland (@BillGarlandSpkr) will host a chat on leadership and finding work-life balance. We hope you can join us. In the meantime, check out Joanna’s blog post on cybersecurity audits.
The #USAMfgHour chat is founded by @DCSCInc @BIllGarlandSpkr @CVTPlastics @witzshared and @SERVICECASTER. Be sure to follow the official account for chat highlights, recaps, and information at @USAMfgHourChat and visit us on other platforms to keep in touch between chats.
LinkedIn Page: https://www.linkedin.com/company/usamfghour-twitter-chat/
LinkedIn Group: https://www.linkedin.com/groups/12334688/
Tags: @DCSCInc @BIllGarlandSpkr @witzshared @SERVICECASTER @AxisNJ @CVTPlastics @NJMEP @EstesGroup @LiftWisco @SpaceGuard @rutlandproducts @MezzGate @SocialSMktg