Sean Riley:
So now with all the fancy introductions out of the way, Ben, welcome to the podcast.
Ben Spencer:
Thanks, Sean. I'm really excited to be here.
Sean Riley:
Oh, we're the ones that are excited to have you. We've watched you grown before our very eyes to be a featured speaker now at all of our PACK EXPO events on cybersecurity and things like that, so it's a great thing to be able to catch you before the show next week and talk to you a little bit about cybersecurity. So let's say the majority of the population, regular people every day, have their different defenses for cyber security, but from a manufacturing standpoint, I guess, to simplify it, why should manufacturers and the people working in manufacturing be paying attention? What makes it so important, cybersecurity?
Ben Spencer:
Well manufacturers are in such a unique situation, being such a large part of the supply chain. It really puts a large target on their back. I mean, they have all this equipment and machinery laying around the plant, and everything talks to the internet these days. That means that any malicious wrongdoer, hacker, whatever you want to call them, can reach any piece of equipment at any time and potentially take down your plant.
Ben Spencer:
I think it's especially relevant now with the geopolitical events like the war going on with Russia and Ukraine. There's more state sponsored cyber warfare than ever before, so everyone needs to be on high alert. I have a statistic here that proves the point, and this is, "During COVID, for companies that were less than a thousand employees, manufacturers made up about 40% of targeted attacks alone." That's a pretty big piece of the pie.
Sean Riley:
Yeah, that's a lot. So, I guess, what can the employee, what can the guy that's sitting in the cubicle that's not out on the plant floor, the other people that are working it, why is the cybersecurity training so important for them? They're not actually working on the machinery that's going to be involved in the processing and the packaging. So for us layman out there, how's this all tie together?
Ben Spencer:
Well, that's a great question. The most successful and the most historical cyber attack is actually the most simple. Phishing attacks have been around-
Sean Riley:
You say successful like it's a good thing, but for a criminal, I guess it is.
Ben Spencer:
No, no.
Sean Riley:
But yes, I know what you're saying.
Ben Spencer:
Very bad thing. It is about, I want to say, it's in the 90th percentile for amount of cyber attacks are related to phishing. Now, whether it's phishing and it leads to something more serious, like ransomware, which, I mean, everyone has heard about ransomware at this point. I mean, you can think about the pipeline incident from last year. And that all starts from any employee opening an attachment or clicking on a link that they shouldn't have and giving them access to their system, and then the hackers are able to jump to the system they want to be on and shut down whatever they want to, corrupt whatever they want to, and really do some extensive damage.
Ben Spencer:
I mean, it's becoming more and more frequent. Phishing rose over 200% during COVID and it keeps climbing. So it's very, very important that everyone understands what phishing is and what it looks like and how to stop it.
Sean Riley:
We're saying phishing, but even going back to, and maybe I'm wrong, but even the famous Nigerian prince that wants you to send money. I mean, that is an example of phishing, no?
Ben Spencer:
Yeah. Yeah, no, it definitely is, and ironically, they saw a little bit of a comeback for that scam last year.
Sean Riley:
Oh, good. It circled back for the people that hadn't heard about it and it's basically, and most people say, at least from my world, "Well, that's crazy. Who would ever give into that?" But if they send it to 500 million people and one person does it, that's enough, so I get the idea behind phishing.
Sean Riley:
So I'm a manufacturer, I'm a listener, I'm back in the plan. I'm listening to this podcast and I'm thinking, "Oh no, we don't do any of this. We don't have cybersecurity training. We haven't really been up to speed on this." What can the listeners do that don't have these type of trainings already in place?
Ben Spencer:
I think the best place to start is to go to IT. Go to your IT department, go to whoever manages it and ask them, "What can you do?" If you don't have an IT department, go to operations or finance, whoever oversees even just the most basic information technology part of the organization and ask about it. Even if they don't feel comfortable putting together the security trainings themselves, there's great platforms that do it for a low cost and you really want to ask yourself, "Is it worth training our employees for this low dollar amount, or do we want eventually our plant to be shut down and us not be able to produce our product or do what we need to do and lose a bunch more money?"
Sean Riley:
Yeah, and how frequent? Again, you're noting I get where you have the Nigerian thing circling back apart, and not to pick on Nigeria, but with this stuff changing every day and with new hackers coming on the scene and stuff like that, if we did the training three years ago, am I good?
Ben Spencer:
No. No, definitely not. I mean, even five years ago, people used to do once a year an hour. That is not enough anymore. We recommend using short videos, explaining a new topic monthly, bimonthly. It needs to be more frequent than a year. Even if that's just one of your staff members giving a short presentation at your company, all hands meeting quarterly. It just needs to be more often than a year.
Ben Spencer:
What we find is when it's just once a year, employees take that hour long training, they take the quiz and then they forget about it after two months and that leaves you far, far too unprotected for the rest of the year.
Sean Riley:
Yeah, and even if you're reiterating the same things, I would just think keeping in front of mind like you said, if they are the front line of defense, just to keep it fresh in their minds is an important thing to do.
Sean Riley:
So we're in packaging and processing and a lot of times we hear about IT, but we also hear about OT. So with the plants, if you could explain that a little bit who is responsible for what portion of cybersecurity, whether it be on the plant floor or in the back office?
Ben Spencer:
I feel like the answer changes for every organization, but there's one thing that is consistent. You need to have the conversation, you need to lay out the responsibilities and you need to know what to do when that event happens. And I say, "When," because it will be when it's not if, it's when.
Sean Riley:
Right.
Ben Spencer:
And the time that you want to be figuring out what your responsibility is isn't during a cyber event. It's really, really important to lay out what needs to happen beforehand.
Sean Riley:
Okay. Then let's say worst case scenario, or you said it's going to happen regardless and hopefully you have protections in place, but let's walk through it. So in the event of a cyber attack, what am I doing?
Ben Spencer:
Well, you can start with calling your in-house IT leader. It shouldn't matter if it's 8:00 AM on a Monday or 11:00 PM on a Saturday. They want to know, as soon as possible, because the quicker you get your plan in motion, the amount of time you really save and the amount of money you really save. If you have a managed services provider, you want to call them too. Perhaps your IT leader or staff isn't picking up.
Ben Spencer:
It's also important to not be afraid to go out and get outside help. Engaging a third party to help identify the gap that was left to allow the cyber attack to happen is crucial to making sure it doesn't happen again and they are specialists. I mean, outside help usually means that this is what they do every single week and you're going to be way more likely to recover any data that might have been lost or recover money.
Ben Spencer:
Then also, you want to be able to alert the FBI or law enforcement. A lot of these attacks are the same attacks for other organizations and you want to report it so that they're able to track where these people are going and maybe predict where they're going to go next.
Sean Riley:
That's interesting. It's just like if you were burglarized or something like that, you would call the police. That's probably something that people don't think about outside of. And I also wasn't thinking of the getting outside help to tell you how they got in. That's another thing that I really hadn't thought of as something thing to take into consideration after a cyber attack.
Sean Riley:
Okay. I mean, with all this great information that we got out of just this tease, next week is PACK EXPO East. It is March 21st through the 23rd, at the Pennsylvania Convention Center in Philadelphia. I know that you were going to be speaking there a little longer on the topic. I think people will be able to ask questions and stuff like that. When's that taking place?
Ben Spencer:
Yeah. So it's going to be on Tuesday March 22nd at 1:30 in booth 1026. That's 1-0-2-6. I'll be speaking for, I think, about 45 minutes, but more likely it'll be 25, 30 minutes of me speaking and then we'll have a good 15, 20 minute portion of question answer. I'll definitely be hanging out around the booth before and after, for anyone who wants to ask any additional questions.
Sean Riley:
Awesome. Well Ben, last thing I can do is just thank you for taking time out of your day to give us this little preview, teach me a few things about cybersecurity and to let people know where they can find you next week at PACK EXPO East, so thanks again, Ben Spencer.
Ben Spencer:
Thanks, Sean.