Cybersecurity – Cyber Attacks Can be Devastating to Small Manufacturers
- VMEC Home
- Cybersecurity – Cyber Attacks Can be Devastating to Small Manufacturers
The risks are enormous and potentially devastating! 55% of small and mid-sized businesses have experienced a data breach or cyberattack. 43% of spear-phishing attacks are targeted at small businesses. 60% of businesses are left severely impacted.
As a result of increased concerns about cyber attacks, manufacturers with contracts from the Department of Defense (DoD), General Services Administration (GSA), and/or NASA must be compliant with defined cybersecurity requirements to protect Controlled Unclassified Information per NIST SP 800-171 (CMMC adjacent) or risk losing contracts. Small manufacturers in other supply chains such as automotive, medical, and energy can also expect cybersecurity contract requirements
Companies should not wait for customer-imposed requirements to identify IT security vulnerabilities and protect their businesses. All manufacturers, whether required or not, should take positive steps now to implement and maintain appropriate IT security controls, and know what to do if a breach does occur. Malicious threats target anyone. Just because your business doesn’t work with classified or controlled information does not mean you are not a target.
VMEC can provide resources and assistance to help manufacturers take action to protect their business. These include:
- “Countdown to CMMC Compliance” June 24, 2022 webinar – Organizations in the defense industrial base (DIB) had the chance to get guidance and clarity from top DoD officials Stacy Bostjanick, Director of CMMC, and Dave McKeown, DoD CIO & CISO, on updates to the CMMC program timelines as well as contractors’ responsibility to comply with CMMC and DFARS 7012. Discussed were important CMMC program updates, expected changes to program timelines and contractor obligations under DFARS 7012. If you didn’t get a chance to watch the presentation live, please fill out this form to receive access. This webinar was hosted by VMEC and other MEP National Network centers.
- Complying with Department of Defense Cybersecurity DFARS requirements
- Access to NIST Manufacturing Extension Partnership and MEP National Network cybersecurity experts
- Professional Services for Assessment, remediation, and security monitoring with local and national cybersecurity experts and service providers
- Connection to State of Vermont partner resources such as the Vermont PTAC (Procurement Technical Assistance Center) and the VT Attorney General CAP (Consumer Assistance Program) and Small Business Initiative
- Manufacturers Guide to Cybersecurity – For Small and Medium-Sized Manufacturers
- Cybersecurity Resources for Manufacturers
- VMEC and NIST combined file, highlighting cyber risks, and compliance
- IT/Cybersecurity recording from our summer 2021 Noontime Knowledge series
- February 2022 Cybersecurity blog post
DoD, DFARS, NIST SP800-171, & CMMC
- CMMC Official Overview, Scope, & Guides
- Project Spectrum Cybersecurity Compliance assistance
- Cybersecurity Maturity Model Certification (CMMC) town hall forum videos
- Cybersecurity Resiliency for Defense Contractors presentation (February 13, 2020)
- NIST Special Publication 800-171 (Rev 2) including NIST MEP Cybersecurity Self-Assessment Handbook for Assessing NIST SP 800-171 Security Requirements
- Free on-line (DoD and US Government) resources for cybersecurity training – DoD Cyber Exchange Public and Security Awareness Hub
VMEC is offering IT Security Services with local and regional IT service providers
Vermont is an increasingly cyber-aware state with many businesses offering or requesting support. VMEC has made a point to partner with the best Vermont and New England Regional cybersecurity providers to ensure quality service for our clients. Upon understanding your business’s needs, we will introduce one (or several) of our partners and offer projects that have been tried and found valuable.
VMEC & Partners offer Vermont manufacturers, including defense contractors, the following services:
- Quick IT Security Assessment (4-6 hours) including walk-through and discussion of SP 800-171 requirements
- Full IT Security Assessment that identifies and documents gaps and vulnerabilities, and a remediation plan outline
- Customized remediation projects
- Continuous proactive security monitoring and assessment follow-ups
Interested in learning more about IT security services? Schedule a no-cost consultation with VMEC today!