What's Your Risk In A Cyber Attack? A Manufacturers' Self Assessment Tool

The threat of cyber attacks and ways to prevent them are important for everyone — producers and others. Cyber-criminals may end their operations and demand that your company spends thousands of dollars to improve security measures and reassure customers that you are still trustworthy.

One of the challenges facing manufacturers with cyber threats is that they don't know how vulnerable they are. Have you ever considered how to evaluate the level of vulnerability of your company? Would it not be great to understand your business better to meet your cybersecurity requirements?

Fortunately, than you might think, it's easier. Start by using the MEP Cybersecurity AssessmentTool National NetworkTM to assess your company's level of cyber risk.

An overview of the Tool on cyber safety

As you know, a five-part Cybersecurity Framework, the National Institute of Standards and Technology (NIST) has become a standard for cyber security in industry and in many more sectors. It follows five categories: identifying, detecting, protecting, responding and recuperating. It also supports MEPs' autoevaluation tool.

Determine

You can begin to use the assessment tool after you have submitted some basic information about your company, including your state of residence. Please note that NIST and the MEP Network do not keep your company information except its location. Your score will not be recorded for every step of the framework. If you use the tools again for a re-evaluation, you may want to take note of your score.

Part I of the Self-Evaluation Tool

It covers existing structures and practises that help identify your company's cyber threats.

The following topics include: Themes

Whether you have identified your company's confidential data and which devices it contains Phishing and access to sensitive information for employees Whether the devices that contain sensitive information are current and not important business applications In terms of cyber security, you need to understand your company's legal and regulatory requirements Identification and expression of organisational risk tolerance Sharing and receiving information from internal and external sources about threats and vulnerabilities How your business administers passwords Passwords use the strength and complexity of How often do you change your company?

The answers are easy; most only "yes," "no," or short responses are required.

Protect Protection

Next, the tool goes to the NIST Cybersecurity Framework category for protection and deals with protection of the system. Be prepared to answer questions like:

1.Timing automatic

2.Firewalls

3.Policies on retention of data and destruction

4.How frequently does employee training in cybersecurity allow workers to access data on a remote basis

5.Physical asset access management

6.Disaster Recovery Policy Data Encryption

7.Managing and protecting physical assets

8.Whether your department helps with cybersecurity practises by locking a person's account when they leave the company

Detection

The NIST cybersecurity framework detect category evaluates how well you are able to detect malicious threats to your systems. Questions relating to issues such as:

1.Protection against viruses and malware installed in devices

2.Malware frequency control

3.How your company monitors cyber safety events

4.Whether you track and correlate network security events with log files

Answer

The answer part of the context examines the readiness of your company to take action after a cybersecurity threat or incident is detected. The questions include: Themes

1If parties in your organisation have assigned and are able to perform roles and responsibilities if necessary.

2.Details about your company's response plan after an incident are available

3.Whether you made changes to stop problems from happening again after previous cyber security issues

4.Whether a person or group is responsible for controlling cybersecurity events and finding out when and where it took place

Return

The Recover category addresses the practises that you have implemented to help your company recover from an incident of cyber security. The section deals with:

1.How many times are your data backed up

2.Whether you have contact details for parties that can help recovery as necessary — for example, law enforcement officers, providers of internet services, public relations offices and cybercrime lawyers

3.Whether your recovery plan has measures to restore normality after a cybersecurity event you and your employees take

4.Whether somebody is responsible for the recovery management of the organisation

5.Whether you have cyber security insurance coverage

After the questions in your Recovery section have been completed, the tool shares a few recommended resources before generating your score.

How your local MEP centre can help ensure cybersecurity your business

If you have the assessment showing that your cyber-security strategy has problems, or if you are vulnerable in a certain area outlined in the NIST Cyber-Security Framework, you can reduce risk for the manufacturing industry from your local MEP Center. The link to an interactive map of Manufacturing Extension Partnership (MEP)centres, you can search by state or location to find your local MEP Center, is among the resources provided once the evaluation has been completed.

Recall, knowing that a problem exists is the first step towards making a change. To arma yourself with knowledge, use the National Cybersecurity Assessment Network Tool of EuroMP!