Cybersecurity – Cyber Attacks Can be Devastating to Small Manufacturers

We can help you achieve accountability in your business operations and take proactive steps to enhance your company’s cybersecurity infrastructure and resilience.  

The risks are enormous and potentially devastating!​ 55% of small and mid-sized businesses have experienced a data breach or cyberattack. 43% of spear-phishing attacks are targeted at small businesses. 60% of businesses are left severely impacted.

As a result of increased concerns about cyber attacks, manufacturers with contracts from the Department of Defense (DoD), General Services Administration (GSA), and/or NASA must be compliant with defined cybersecurity requirements to protect Controlled Unclassified Information per NIST SP 800-171 (CMMC adjacent) or risk losing contracts. Small manufacturers in other supply chains such as automotive, medical, and energy can also expect cybersecurity contract requirements

Companies should not wait for customer-imposed requirements to identify IT security vulnerabilities and protect their businesses. All manufacturers, whether required or not, should take positive steps now to implement and maintain appropriate IT security controls, and know what to do if a breach does occur. Malicious threats target anyone. Just because your business doesn’t work with classified or controlled information does not mean you are not a target. 

Check out this IT/Cybersecurity recording from our summer 2021 Noontime Knowledge series.

Also, be sure to read our February 2022 Cybersecurity blog post. 

VMEC can provide resources and assistance to help manufacturers take action to protect their business. These include:

• Complying with Department of Defense Cybersecurity DFARS requirements
• Access to NIST Manufacturing Extension Partnership and MEP National Network cybersecurity experts
• Professional Services for Assessment, remediation, and security monitoring with local and national cybersecurity experts and service providers
• Connection to State of Vermont partner resources such as the Vermont PTAC (Procurement Technical Assistance Center) and the VT Attorney General CAP (Consumer Assistance Program) and Small Business Initiative

Cybersecurity Overview

• Manufacturers Guide to Cybersecurity – For Small and Medium-Sized Manufacturers
• Cybersecurity Resources for Manufacturers
• VMEC and NIST combined file, highlighting cyber risks, and compliance

DoD, DFARS, NIST SP800-171, & CMMC

• CMMC Official Overview, Scope, & Guides
• Project Spectrum Cybersecurity Compliance assistance
• Cybersecurity Maturity Model Certification (CMMC) town hall forum videos
• Cybersecurity Resiliency for Defense Contractors presentation (February 13, 2020)
• NIST Special Publication 800-171 (Rev 2) including NIST MEP Cybersecurity Self-Assessment Handbook for Assessing NIST SP 800-171 Security Requirements
• Free on-line (DoD and US Government) resources for cybersecurity training – DoD Cyber Exchange Public and Security Awareness Hub

VMEC is offering IT Security Services with local and regional IT service providers

Vermont is an increasingly cyber-aware state with many businesses offering or requesting support. VMEC has made a point to partner with the best Vermont and New England Regional cybersecurity providers to ensure quality service for our clients. Upon understanding your business’s needs, we will introduce one (or several) of our partners and offer projects that have been tried and found valuable.

VMEC & Partners offer Vermont manufacturers, including defense contractors, the following services:

• Quick IT Security Assessment (4-6 hours) including walk-through and discussion of SP 800-171 requirements
• Full IT Security Assessment that identifies and documents gaps and vulnerabilities, and a remediation plan outline
• Customized remediation projects
• Continuous proactive security monitoring and assessment follow-ups

Interested in learning more about IT security services?  Schedule a no-cost consultation with VMEC today!