On March 16th, TechSolve held its annual Navigating Cybersecurity Summit, bringing together over 80 manufacturers and business leaders from Southwest Ohio. Manufacturers large and small gathered for this half day event to better understand the financial benefits of cybersecurity and the resources needed to implement a strong cybersecurity program. The best advice manufacturers walked away with was that it is never too early to start your cybersecurity program and planning, but it can be too late.
The summit included lunch, informative presentations from several cybersecurity experts, internationally recognized keynote speaker David Kennedy whose mission is to drive the industry forward and make the world a more secure place, two panel discussions focused on operational technology (OT) cybersecurity and compliance, and concluded with a networking happy hour.
Navigating Cybersecurity Summit Speakers & Sponsors
We kicked the day off with our keynote speaker, David Kennedy, Founder of Binary Defense and TrustedSec, who took us through the current cyber threat landscape impacting the world, and more importantly, manufacturers in the United States.
Then Jonathan Theders, CEO of RiskSOURCE Clark-Theders, addressed cyber liability and what’s happening in the marketplace. Shawn Waldman, CEO of Secure Cyber Defense, followed with when and how to make strategic changes to your cybersecurity program. The third and final individual presentation by Cesar Peña, Senior Cybersecurity Engineer at MxD, dove into deployable tactics that manufacturers can use to reduce cyber risk in their supply chains.
The event then shifted to two panel discussions, both moderated by Steve Gillock, Director of Cybersecurity at TechSolve. The first panel focused on OT Cybersecurity, where C. Emre Koksal, PhD, Founder and CEO of Datanchor Inc., Ron Pieper, Customer Support Manager at Juxtum, and Cesar Peña walked us through the importance of a strong OT framework and how it also intersects with company networks.
Next, the Compliance Panel addressed meeting the standards of cybersecurity compliance and reinforced how a solid cybersecurity program can prove beneficial for manufacturers. The panel members included James Goepel, Director of Education and Content at FutureFeed, Andy Leitner, Director of E-Commerce and IT at NovaVision Inc., and Thomas O’Neill, Information Technology Educator at Butler Tech.
2022 Navigating Cybersecurity Sponsors
This event was not possible without the support from our amazing sponsors! Ohio Manufacturing Extension Partnership (Ohio MEP), WesBanco, Check Point Software Technologies Ltd, Nokia, and CiNPA.
Key Takeaways from the 2022 Navigating Cybersecurity Summit
1. Multifactor Authentication (MFA)
If there is one thing attendees walked away with it was MFA. Nearly every single speaker touched on MFA and for a good reason. MFA is the #1 easiest thing companies can do to protect themselves. Individuals have a hard time creating unique, long, and strong passwords for each website or service they use. So, having a user ID, password, and MFA generate a temporary code is a must-have solution to strengthen security. This tactic should be implemented for every bank, web service, and internal system used by individuals at your company. Bonus, pair password managers with MFA and you have an ultra-secure method for remembering all those unique passwords you should be creating.
2. Risk Management Capability
All organizations have risks associated with the work they do and managing this risk exposure is critical. Having an internal risk management program will detail activities and actions which will force the organization to uncover and attempt to reduce the risk wherever possible. This could mean regular vulnerability scanning (semi-annual, quarterly, constant scanning) will help find new risks in vulnerable software or misconfigurations. Threat actors are looking for vulnerabilities in order to find other ways into the environment if social engineering doesn’t work.
3. Incidence Response Plans
Incident Response Plans are essential for when you experience a cyber incident as they guide you on how to react. Responding to an incident quickly will help your company minimize losses, mitigate exploited vulnerabilities, restore services and processes and reduce the risks that future cyber incidents pose. With a plan in place, you will have steps that are tied to processes like maintaining evidence around the event/incident, who to report to (internal and external), and how you should confirm that the environment is free and clear of infection or breach.
4. Cybersecurity Awareness Training
Your employees are your frontline of defense and should be up to date with current tactics threat actors use to access systems. Regular cybersecurity awareness training includes active phishing campaigns conducted by IT and cybersecurity personnel to try and trick the end users. In this case, falling victim to this type of dummy attack in a simulated environment will result in additional training which will help them avoid being tricked in the future. Repeat training will serve as a refresher where they can see examples of phishing attacks or other social media engineering attacks (attacks designed to prey on the victim) where email is used.
Up Next: How to Prove and Achieve CMMC Compliance Webinar
Our last webinar discussed the strategic changes made to CMMC with the introduction of 2.0. Now we’re back with our trusted partner FutureFeed to discuss timeline, budgeting, and how to track your progress towards compliance
Join us on Tuesday, May 3rd from 11:30 – 12:30 to learn:
- How the timeline for CMMC has been affected by COVID and recent Department of Defense Updates
- Steps you should be taking now to plan and budget for compliance by 2025
- How to effectively track your progress towards compliance
Strengthening Your Cybersecurity Takes Time
Building a strong cybersecurity program will not happen overnight. Whether it is a lack of cybersecurity skills or a lack of budget and resource constraints, implementing a security program takes time and effort. However, with cyber-attacks becoming more frequent (for every size business) and sophisticated, now is the time to shift your organization towards a security-first culture.
TechSolve can help. With decades of experience in the manufacturing field, our trusted cybersecurity advisors will work with you to identify vulnerabilities and gaps in your security and provide plan and budget recommendations to mitigate your company’s cyber-related risk.