A counter-attack is a term taken from the military jargon used to describe large scale, usually strategic offensive operations by forces that had successfully halted an enemy’s offensive, while occupying defensive positions. A counter-attack is considered to be the most efficient means of forcing the attacker to abandon offensive plans. Cyber counter attacks are sometimes used as a means of self defense to slow down or even stop cyber attacks and the question of their legality is a recurring agenda.

Any business owner knows that information is a vital part of running a company. As manufacturing increasingly becomes more digitized, cybersecurity must become a standard component of doing business. If sensitive information—such as employee records, customer transactions or proprietary data—is comprised, it can have a devastating effect.

That’s why more and more manufacturers are taking steps to protect their information via good information security practices.

While cybersecurity may seem like a daunting issue for small and medium-sized manufacturers (SMMs)—either because of costs or limited technical knowledge—it’s essential that everyone in the supply chain begins to develop practices to protect their—and their customers’—digital property.

According to the U.S. Department of Homeland Security, the manufacturing industry is the second most targeted industry when you look at the number of reported cyber attacks. Why?

Cyber criminals view SMMs as prime targets precisely because many of these companies do not have adequate preventative measures in place. This makes SMMs incredibly vulnerable, which could result in:

  • Loss of information critical to running the business
  • Decreased productivity
  • Damage to information or information systems
  • Regulatory fines and penalties / legal fees
  • An adverse reputation or loss of trust from customers
  • Damage to credit and inability to get loans from banks
  • Loss of income

Five steps any manufacturer can take to handle cybersecurity risks, per the NIST cybersecurity framework.

1. Identify: The first step in a deliberate cybersecurity strategy is to understand your resources and risks.

  • Identify and control who has access to your business information
  • Conduct background checks
  • Require individual user accounts for each employee
  • Create policies and procedures for cybersecurity

2. Protect: If you experience a cyber-attack, you need to be prepared to resist.

  • Limit employee access to data and information
  • Install surge protectors and Uninterruptible Power Supplies (UPS)
  • Patch your operating systems and applications routinely
  • Install and activate software and hardware firewalls on all your business networks
  • Secure your wireless access point and networks
  • Set up web and email filters
  • Use encryption for sensitive business information
  • Dispose of old computers and media safely
  • Train your employees

3. Detect: If an attack occurs, you’ll want mechanisms in place that will alert you as quickly as possible.

  • Install and update anti-virus, anti-spyware and other anti-malware programs
  • Maintain and monitor logs

4. Respond: If a cybersecurity breach happens, you’ll want to contain and reduce any damage.

  • Develop a plan for disasters and information security incidents

5. Recover: After a cybersecurity breach, you’ll need mechanisms in place to help resume normal operations.

  • Make full backups of important business data and information
  • Continue to schedule incremental backups
  • Consider cyber insurance
  • Make improvements to processes/procedures/technologies