Three Key Phases for Cyber Protection
A manufacturer can improve his security standing if aware of his current state across the three phases. A manufacturer starts with (1) Establishing a culture of cybersecurity: Cybersecurity concerns all employees – first and foremost management. Managers should declare this issue a top priority and assume responsibility. Top management commitment is a critical component to the success of establishing a sound cyber security culture. Companies’ own employees pose the highest source of risk. According to Kaspersky, a provider of security software, more than 80 percent of security incidents are the result of human error. Classic examples of this are fraudulent e-mails and simple passwords. The only remedy here is regular training courses.
Cyber protection is not a product that you simply invest in once and can then forget all about. It is rather an ongoing process.
(2) Implementing and incorporating measures: SMEs should carefully examine and optimize data protection, security policies, physical security, and access management and start conducting training measures. Particularly companies offering digital and connected products and services must incorporate cybersecurity as part of these products design - from development via operation of the product through to service.
(3) Communicating measures and acting as a role model: Companies that set a good example encourage others to take the same approach.
This is important because cyberattacks do not simply stop at corporate or national boundaries. That is why cybersecurity measures must always be seen in context, such as throughout supply chains or for example with service providers who are later responsible for product maintenance.
If a company has completed these three phases, then it is well protected from hackers, but not forever, since criminals are constantly developing new malicious methods of attack.