MiMfg Magazine May 2019 | Page 26

26 MiMfg Magazine Premium Associate Member May 2019 How To Protect Your Company from Ransomware Attacks By Jessica Dore • Rehmann The average cost of a data breach is $3.86 million and the average cost per lost or stolen record is $148 per record. Cyber attacks have become big business for hackers, so stakes for your business have never been higher. Manufacturing companies have increasingly become more targeted as hackers seek to not only extort money for individual data but also steal intellectual property which may include patent information, formulas, and blueprints/schematics of confidential designs or unique assembly processes that can be sold for financial gain. Establishing and following preventive strategies to keep systems safe should be a no-brainer for all organizations, but sometimes these efforts fall by the wayside. Due to the increasing vulnerability for manufacturers to Cyber attacks that can potentially shut down production and have ramifications throughout a supply chain, it is imperative that manufacturing organizations develop a comprehensive cyber security defense plan. To prepare your organization to be well-equipped when it comes to protection from a ransomware attack, the following items are critical: • Systems should be continuously monitored and patched: A major fault of many organizations is failing to ensure all systems are up to date and monitored. With up-to-date monitoring systems and vulnerability scans in place, companies can be aware of when potential threats arise. Being ahead of the threat is the only way to prevent an attack. • Employee training program: Employees should be made aware of scam e-mails and what attachments they should avoid opening. Once attachments are opened through a phishing e-mail, the scammer can easily access the system and infiltrate. Making trainings available to employees can keep money and valuable data in the employer’s pocket later. • Have a sound backup in place: It is vital to perform regular backups of systems so data can be restored to a point in time prior to the ransomware entering the environment.    • Know the precautions being taken by suppliers and customers: A manufacturer’s exposure exists throughout a facility and beyond as manufacturing equipment gets smarter and the growth of the Internet of Things (IoT) enables increased access to equipment through direct connecting and communicating to outside parties. Once the groundwork is laid, highly qualified experts should be on the lookout to detect any error a tool may miss. We conduct tests for our clients, usually on at least an annual basis, and run thorough testing to bolster cyber defenses. In the event that a ransomware attack makes its way into your system, the most important step is stopping its spread. The sooner an organization can stop a ransomware attack, the better off it will be. If an organization is not equipped with up-to-date backups, they could be subject to a rude awakening. Without backups, organizations could be held at ransom, and in the worst cases be forced to pay the criminals or suffer from having to rebuild a completely new environment and lose data that will be difficult — if not impossible — to restore.   To avoid finding oneself in a helpless situation, executives must place high importance on cyber security. Although having systems in place may appear costly at the onset, the costs often pale in comparison to the price of reconfiguring a whole online environment. As busy manufacturers, we get caught up in the day to day and forget about potential setbacks. It’s all too easy to believe a ransomware attack won’t happen to you. This belief is idealistic, but unfortu- nately is often untrue. Ransomware attacks happen every day to organizations large, medium and small. To get ahead of a potential hack and prevent stress and loss of finances, be proactive and protect your organization today. 6 Jessica Dore, CISA, is a principal with Rehmann. She may be reached at 989-797-8391 or [email protected]. Rehmann is an MMA Premium Associate member and has been a member company since July 2006. Visit online: www.rehmann.com.