As a result, PMMI has created CyberHealth, to assist you with your cybersecurity needs and keep you up to date on current business practices, key trends, and imminent threats. Check this page often as we will be updating the information and resources on a regular basis.
Get cybersecurity updates straight to your inbox by opting in to receive CyberHealth emails.
In May of 2021, the Center for Internet Security released version 8 of their Critical Security Controls framework. With this major version update came a number of additions to keep up with the evolution of cyber threats and changing uses of technology that need to be considered for security.
Antivirus and anti-malware tools have come a long way in the past several years. These tools originally functioned by simply scanning your computer for infected files, and eventually evolved to become more proactive by scanning downloaded files and inbound e-mails as they were downloaded to your computer. Today these tools are better known as Endpoint Detection and Response (EDR) tools and they are far more sophisticated than simple file scanning.
It’s a safe bet that most computer networks have some basic security mechanisms in place such as firewalls or passwords on wireless networks. Unfortunately maintaining basic network security isn’t enough anymore to protect your company from potential cyberattacks. Network security can also get complex and expensive quickly. So what security mechanisms should you begin with if you haven’t already?
The first step towards protecting your computer network is to know exactly what is connected to it. In fact, it’s the reason why having an “Inventory and Control over Enterprise Assets” is the first control in the CIS List of 18 Critical Information Security Controls.
Many organizations struggle to find the right level of formality when it comes to documented security policies. Smaller manufacturers in particular may struggle with having too few policies or not having the right policies to cover the breadth of topics needed to properly secure their technology assets and guide employees on what is and isn’t acceptable.
As technology continues to evolve, so does the sophistication of malware to exploit it. Manufacturing in particular has become familiar with Ransomware in recent years as a growing threat that has given rise to massive business and supply chain disruption. Ransomware has traditionally targeted computer systems and networks with the goal of holding them hostage for payment, and has almost become an industry of itself for cyberattackers. As technology has evolved to include more and more interconnected devices as well as devices with interconnected components, we are now seeing the rise of a new type of threat called Jackware.
Ransomware has become a well-known cyber-threat over the past several years, with more and more criminal organizations leveraging it as a way to disrupt all types of businesses in the hopes of a quick pay day. Ransomware is a particularly nasty strain of malware because it encrypts your data and holds it hostage for payment, and has the ability to spread across devices and networks with the potential to infect the entire technology infrastructure of companies which can cause months of disruption.
With the risk of cyber attacks higher than ever before, it’s never been more crucial to ensure that your business is adequately protected from disruption. Many companies think they have coverage for cyber incidents through their business or liability insurance provider, but did you know that all cyber coverage is not the same?
Weak passwords and compromised credentials have been among the top reasons behind cyber breaches for some time now. Did you know that simple passwords that are less than 7 characters in length can be cracked in mere seconds? Commonly used passwords such as “123456” or “password”, or even your dog’s name, can be easily cracked and are not considered secure at all.
Cybersecurity awareness training has been identified as one of the most key actions that companies can take in order to prevent cyber attacks. Employees using computers to do their jobs every day are the first line of defense against cyberattacks. Since the pandemic began, the number of floor manufacturing staff with access to corporate e-mail, applications, and networks has risen sharply with many of these employees having never had access to these systems previously. It is essential that every company establish a security awareness training program to regularly keep its employees apprised of common threats and new attack vectors, and most importantly, how to spot them in order to keep your systems safe.
