demystify cybersecurity for small and medium sized
play

Demystify Cybersecurity for Small and Medium Sized Manufacturers - PowerPoint PPT Presentation

Dec 03, 2022 •312 likes •939 views

Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar, September 17, 2020, 12:00-1:00 pm Webinar Agenda 1.Introductions 2.What is Cybersecurity? Why is it important? Cybersecurity Audit Prepare for

  1. “ Demystify Cybersecurity for Small and Medium Sized Manufacturers” Webinar Webinar, September 17, 2020, 12:00-1:00 pm

  2. Webinar Agenda 1.Introductions 2.What is Cybersecurity? – Why is it important? – Cybersecurity Audit – Prepare for CMMC 3.Remediation – Importance of Managed Services 4.Funding Opportunities 5.Q&A

  3. Manufacturing Extension Partnership Mission To enhance the productivity and technological performance of U.S. manufacturers

  4. National MEP 2019 Results

  5. The NYMEP System • 10 Regional Centers • One State-wide Center, FuzeHub

  6. NY MEP Services Offered • Growth and Innovation • Operational Excellence – Strategic and Operational Planning – Quality and Environmental Services: ISO9001, AS9100, ISO14000 – Sales & Marketing – Lean Enterprise and Six Sigma – Export Assistance Programs – New Product Development (NPD) – Information Technology – Entrepreneur and Start-up Assistance – Project Management • People Development • And More… – Leadership Principles & Coaching – Technology Road Mapping – Supervisors Training – Cybersecurity – General Workforce Training – Safety Programs – Grant Assistance

  7. Our Partner Presenters Today • Paul LaPorte - Cyber Security Coordinator, As an IT professional for 10 years, Paul has provided a variety of IT and Cyber Security solutions and training in the fields of engineering, manufacturing, education, commerce, insurance, and more. Paul has an A.S in Microcomputer Technologies: Technical Support and a B.S. in Network and Computer Security. Prior to joining AIM, Paul was the Interim Director of Information Technology at the Utica School of Commerce. Steve Stellwagen - Steve Stellwagen is an IT Solutions Consultant at ComTec Solutions, an ERP and IT • managed services provider based in Rochester, New York, that has been serving a diverse range of manufacturers for over 25 years primarily in the Northeastern U.S. Steve specializes in helping business leaders find ways to succeed by leveraging their investments in technology in an efficient and cost effective manner, with a focus on their business objectives first. He has over 20 years of experience in the technology services industry, and has played an integral role in creating meaningful partnerships at ComTec Solutions.

  8. Webinar Agenda 1.Introductions 2.What is Cybersecurity? – Why is it important? – Cybersecurity Audit – Prepare for CMMC 3.Remediation – Importance of Managed Services 4.Funding Opportunities 5.Q&A

  9. What is Cybersecurity?

  10. What is Cyber Security? Definition: • Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security.

  11. What is Cyber Security? • Cybersecurity is the body of technologies, processes and practices…

  12. What is Cyber Security? • Cybersecurity is the body of technologies, processes and practices… • Designed to protect networks, computers, programs and data… • From attack, damage or unauthorized access…

  13. What is Cyber Security? • Cybersecurity is the body of technologies, processes and practices… • Designed to protect networks, computers, programs and data… • From attack, damage or unauthorized access… • In a computing context, security includes both cybersecurity and physical security .

  14. What is Cyber Security? • Why is this important for small/medium manufacturers? • “I’m too small to be attacked” “This won’t happen to me” • • “I have more important things to worry about”

  15. “Do you have insurance?”

  16. Reactive vs. Proactive • Nearly all businesses have insurance • To protect from unlikely but damaging events. • Customers will usually remain loyal and return. • Can afford to react after disaster

  17. Reactive vs. Proactive • Cyber attacks can irreparably damage business if one happens • Customer will lose trust • You’ve put their information at risk • Susceptible to litigation up the supply chain • Being reactive isn’t good enough • Small and medium manufacturers are one of the most popular targets for cyber attacks because business owners do not give security a high priority. • Sixty percent of small businesses that are the victim of a cyber attack go out of business within six months of the event.

  18. Reactive vs. Proactive A strong cyber security plan provides a proactive solution rather than a reactive one. Instead of helping to recover from the disaster, it helps prevent the disaster from happening. Saving a business time, money, and preventing their reputation from being negatively affected.

  19. The Chain of Security

  20. The Chain of Security The areas which, when combined, comprise the majority of concern in regards to data theft and loss

  21. The Chain of Security • Physical: Can my information be accessed in the real world?

  22. The Chain of Security • Physical Security • Rarely associated with Cyber Security at all • Determines how easy it is for attackers to physically access information or devices

  23. The Chain of Security • Physical Security Considerations • Important equipment stored in secured areas (locked rooms/cabinets) • Physical access to building is restricted via locks, keypad/card swipe entry, etc. • Non-Employees entering facility have to sign in at reception/security station. • Video camera monitor entry points externally/key internal areas.

  24. The Chain of Security • Network: Can my information be accessed by an outside computer?

  25. The Chain of Security • Network Security • What people traditionally think of when they think “Cyber security” • Protects information and devices on network

  26. The Chain of Security • Network Security Considerations • Firewall installed to protect network. • User permissions are restricted to necessary duties • Anti-virus solution is present and up to date • Identity Management System in place • Program installation restricted to IT admins • Software updated and patched regularly • Public facing systems heavily secured and segregated from internal network

  27. The Chain of Security • Policy: Does my company have policies in place to keep my information safe?

  28. The Chain of Security • Policy Security • Rules set by management to determine how devices and information are handled. • Implementation of policies help support other areas of security.

  29. The Chain of Security • Policy Security Considerations • Company policy that clearly dictates usage of IT resources and handling of sensitive information • Documented references and restrictions on cell phones, password length, thumb drives, etc. • Clearly outline process for reporting IT and security incidents and who to report to • Allows information to be communicated uniformly and not through hearsay.

  30. The Chain of Security • Training: Are my employees properly trained to protect my information?

  31. The Chain of Security • Employee Training • Allows employees to safely and properly handle company devices and information. • Helps employees protect themselves and others from cyber security attacks. • The more knowledgeable a staff is, the more secure the company will be.

  32. The Chain of Security • Employee Training Considerations • Policy review with new employees upon orientation and existing employees at regular intervals • Allows proper communication of any additions to new policies and revisions to existing policies • Sound training and policies mean less incidents, reduced impact from incidents that do happen, and can help shift liability from incidents from the company to the employee if policies are violated

  33. The Chain of Security A chain is only as strong as its weakest link

  34. The Cybersecurity Assessment Process

  35. Step One: Logistical Map • Physical Walkthrough of the company • ID and document each individual device on network • Determine environment of IT devices and how they are being used • Allows specific questions to be asked about specific devices. • Overview of physical site security

  36. Step Two: NIST 800-171 Review • Review Entire NIST 800-171 Document • HR and IT Team involvement • 14 Sections, 110 Items • Compare company policies to see progress in meeting requirements • Access Control • Media Protection • Audit and Accountability • Physical Protection Awareness and Training Personnel Security • • • Configuration Management • Risk Assessment • Identification and Authentication • Security Assessment • Incident Response • System and Communications Protection • Maintenance • System and Information Integrity

  37. Step Three: Employee Interviews • Select five employees per 50-100 IT users • Varying departments Varying company experience • • Varying IT experience • General employees/management • Ask same series of questions • Find discrepancies in policy communication/training • See what one area may know/believe over another • NOT for disciplinary purposes

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Support Infrastructure of Director, Prof. Dr. Yury Reutov Small and Medium-sized Businesses in

Support Infrastructure of Director, Prof. Dr. Yury Reutov Small and Medium-sized Businesses in

Support Infrastructure of Director, Prof. Dr. Yury Reutov Small and Medium-sized Businesses in Russia 09/29/2016 .: (3467)-361889 SUPPORT ECOSYSTEM OF SMALL & MEDIUM-SIZED BUSINESS Industrial parks Technoparks and Science Centre

486 views • 14 slides
The Future of Small and The Future of Small and Medium Sized Nuclear Medium Sized Nuclear

The Future of Small and The Future of Small and Medium Sized Nuclear Medium Sized Nuclear

The Future of Small and The Future of Small and Medium Sized Nuclear Medium Sized Nuclear Reactors Reactors 2009 and Beyond 2009 and Beyond Presentation Outline Presentation Outline Distinguish from Large Commercial Reactors

575 views • 41 slides
Doing Business 2013 Smarter Regulations for Small and Medium-sized Enterprises Augusto

Doing Business 2013 Smarter Regulations for Small and Medium-sized Enterprises Augusto

Doing Business 2013 Smarter Regulations for Small and Medium-sized Enterprises Augusto Lopez-Claros alopezclaros@ifc.org December 2012 1 Pace of reforms remains strong in 2011/12: share of economies with at least one reform making it easier

565 views • 41 slides
BEYOND THE GTA Lessons Learned from Small and Medium-Sized Urban Areas P R E S E N T E D B Y D

BEYOND THE GTA Lessons Learned from Small and Medium-Sized Urban Areas P R E S E N T E D B Y D

BEYOND THE GTA Lessons Learned from Small and Medium-Sized Urban Areas P R E S E N T E D B Y D A V I D F O R S E Y M A Y 6 , 2 0 2 0 The Four Phases of Model Development Data Collection Model Architecture Model Estimation Panic BEYOND

367 views • 9 slides
Access to Finance for Micro, Small, and Medium-Sized Enterprises in Azerbaijan A Demand-Side

Access to Finance for Micro, Small, and Medium-Sized Enterprises in Azerbaijan A Demand-Side

Access to Finance for Micro, Small, and Medium-Sized Enterprises in Azerbaijan A Demand-Side Assessment Angela Prigozhina Country Sector Coordinator May, 2015 Agenda Setting the Stage Main Findings of the MSME A2F Survey Key Policy

519 views • 27 slides
Using Urban Climate Modelling to Support Climate Change Adaptation in Small- to Medium-sized

Using Urban Climate Modelling to Support Climate Change Adaptation in Small- to Medium-sized

Using Urban Climate Modelling to Support Climate Change Adaptation in Small- to Medium-sized Cities in Austria www.adapt-uhi.org Stefan Guggenberger Municipal Authority of the City of Klagenfurt on lake Wrthersee Department for Climate and

269 views • 13 slides
Role of small and medium sized urban areas in territorial development: Latvian experience and

Role of small and medium sized urban areas in territorial development: Latvian experience and

Role of small and medium sized urban areas in territorial development: Latvian experience and plans for the upcoming Latvian presidency of the Council of the EU Ilze JUREVIA Ministry of Environmental Protection and Regional Development

525 views • 15 slides
SCORE Website Cybersecurity Presentation DASHBOARD INTERACTIVE Digital Marketing Firm that

SCORE Website Cybersecurity Presentation DASHBOARD INTERACTIVE Digital Marketing Firm that

SCORE Website Cybersecurity Presentation DASHBOARD INTERACTIVE Digital Marketing Firm that emphasizes Website Security Founded in January of 2006 13 Team Members Work with Small and Medium Sized Businesses and Agencies

522 views • 41 slides
Update from SME Office Update from SME Office for for & medium-sized

Update from SME Office Update from SME Office for for & medium-sized

Update from SME Office Update from SME Office for for & medium-sized enterprises small micro EMEA Workshop, 8.2.08 Agenda Agenda Introduction SME Regulation and Incentives Type of companies assigned SME status

579 views • 33 slides
Business Support for Coventrys Small and Medium-sized Enterprises (SMEs) Stephen Weir/Parmy

Business Support for Coventrys Small and Medium-sized Enterprises (SMEs) Stephen Weir/Parmy

Business Support for Coventrys Small and Medium-sized Enterprises (SMEs) Stephen Weir/Parmy Singh, Economic Development Services SME Landscape SMEs account for 99.9% of all UK businesses NUMBER OF SME'S BY AREA Coventry, 9,995 27%

250 views • 8 slides
Introduction to the EMEA Introduction to the EMEA st EMEA workshop for micro, small and medium- 1

Introduction to the EMEA Introduction to the EMEA st EMEA workshop for micro, small and medium- 1

European Medicines Agency (EMEA) Introduction to the EMEA Introduction to the EMEA st EMEA workshop for micro, small and medium- 1 st EMEA workshop for micro, small and medium- sized enterprises (SMEs) sized enterprises (SMEs) 2 February 2007,

420 views • 11 slides
RoboCup Challenges Simulation League Small League Medium-sized League (less

RoboCup Challenges Simulation League Small League Medium-sized League (less

Robotics (c) 2003 Thomas G. Dietterich 1 RoboCup Challenges Simulation League Small League Medium-sized League (less interest) SONY Legged League Humanoid League (c) 2003 Thomas G. Dietterich 2 1 Small League

546 views • 25 slides
We help small and mid-sized businesses complete their critical projects in the Technology,

We help small and mid-sized businesses complete their critical projects in the Technology,

We help small and mid-sized businesses complete their critical projects in the Technology, Cybersecurity and Accounting space. Support Architecture TECHNOLOGY Cloud Virtualization ERP|CRM Infrastructure Systems + Network Engineering

421 views • 12 slides
Semantic Networks and Topic Modeling A Comparison Using Small and Medium-Sized Corpora Loet

Semantic Networks and Topic Modeling A Comparison Using Small and Medium-Sized Corpora Loet

Semantic Networks and Topic Modeling A Comparison Using Small and Medium-Sized Corpora Loet Leydesdor ff & Adina Nerghes D I G I TA L H U M A N I T I E S L A B Networks of words Semantic Networks Networks of concepts Content networks

408 views • 27 slides
Medium Sized Commercial Buildings 2014 Building Technologies Office Peer Review Building

Medium Sized Commercial Buildings 2014 Building Technologies Office Peer Review Building

Software-Defined Solutions for Managing Energy Use in Small to Medium Sized Commercial Buildings 2014 Building Technologies Office Peer Review Building Operating System Services (BOSS) User interfaces: smart phone/web-based Application Control

491 views • 16 slides
The GEF Small Grants Programme Decentralized, democratic, country-driven programme What really

The GEF Small Grants Programme Decentralized, democratic, country-driven programme What really

The GEF Small Grants Programme Decentralized, democratic, country-driven programme What really is GEF SGP? 1 SGP is: Part of GEFs funding modality, in addition to the Medium Sized Projects (MSP) and Full- Sized Projects (FSP)

475 views • 29 slides
PRACTICE AT THE CHRIST HOSPITAL Judi Godsey, PhD, RN Director of Nursing Research, The Christ

PRACTICE AT THE CHRIST HOSPITAL Judi Godsey, PhD, RN Director of Nursing Research, The Christ

RESEARCH AND EVIDENCE BASED PRACTICE AT THE CHRIST HOSPITAL Judi Godsey, PhD, RN Director of Nursing Research, The Christ Hospital Assistant Professor of Nursing, Xavier University Ohio Valley IACRN Meeting February 17, 2016 Objectives: 1.

818 views • 25 slides
INVESTOR PRESENTATION THIRD QUARTER 2015 FORWARD LOOKING INFORMATION This presentation is for

INVESTOR PRESENTATION THIRD QUARTER 2015 FORWARD LOOKING INFORMATION This presentation is for

INVESTOR PRESENTATION THIRD QUARTER 2015 FORWARD LOOKING INFORMATION This presentation is for informational purposes only and may not be reproduced or distributed to any other person or published, in whole or in part, for any purpose. This

472 views • 34 slides
QI TALK TIME Building an Irish Network of Quality Improvers Room to Improve Locating Lean in

QI TALK TIME Building an Irish Network of Quality Improvers Room to Improve Locating Lean in

QI TALK TIME Building an Irish Network of Quality Improvers Room to Improve Locating Lean in Person Centredness 10 th April 2018 Connect Improve Innovate Speaker Speaker: Sean Paul Teeling MBA, MA, BSc, BA, H.Dip Nursing, Prof Cert Lean Six

1.13k views • 33 slides
Please mute your phones, computers AND turn off cameras. Open chat box for questions Mute Type

Please mute your phones, computers AND turn off cameras. Open chat box for questions Mute Type

Thank You for Joining Us, We Will Begin Shortly Please mute your phones, computers AND turn off cameras. Open chat box for questions Mute Type and send (optional) Turn on Turn Camera Microphone questions here Closed Captioning Off here

784 views • 30 slides
Annual Shareholder Meeting Joachim Kreuzburg | Chairman of the Board and CEO | March 26, 2019

Annual Shareholder Meeting Joachim Kreuzburg | Chairman of the Board and CEO | March 26, 2019

Annual Shareholder Meeting Joachim Kreuzburg | Chairman of the Board and CEO | March 26, 2019 Disclaimer This presentation contains statements concerning Sartorius Stedim Biotech Groups future performance. These statements are based on

553 views • 32 slides
Traditional Textiles Of BIhar Aamatya Media Info. Pvt.Ltd. 5/28/15 Aamatya Media Info. Pvt.Ltd.

Traditional Textiles Of BIhar Aamatya Media Info. Pvt.Ltd. 5/28/15 Aamatya Media Info. Pvt.Ltd.

Traditional Textiles Of BIhar Aamatya Media Info. Pvt.Ltd. 5/28/15 Aamatya Media Info. Pvt.Ltd. 5/28/15 Fusion of Traditional Art and Fabrics Of Bihar known WorldWide Aamatya Media Info. Pvt.Ltd. 5/28/15 Tussar Silk Combination with

343 views • 17 slides
Patient Outcome? 2 Patient outcome Mitigate or cure disease No effect Adverse

Patient Outcome? 2 Patient outcome Mitigate or cure disease No effect Adverse

D I S E A S E Patient Outcome? 2 Patient outcome Mitigate or cure disease No effect Adverse drug event, difficult to predict Sometimes serious 3 Pharmacogenomic Medical Paradigm Patient Outcome - Mitigate or cure

999 views • 42 slides
EuResist Network Present and future Francesca I ncardona I I I EuResist I nternational meeting

EuResist Network Present and future Francesca I ncardona I I I EuResist I nternational meeting

EuResist Network Present and future Francesca I ncardona I I I EuResist I nternational meeting Bonn 4 May 2012 The EuResist EU project: 2006-2008 Topics and results Integration of viral genomics with clinical data to predict response to anti

393 views • 24 slides

More recommend