EXTRA: Details from an industry expert
Cyber criminals are increasingly setting their sights on today’s digitized manufacturing industry as an entry point into government and commercial supply chains.
At the MEP (Manufacturing Extension Partnership) National Network, we see time and again that many small and medium-sized manufacturers do not have the knowledge or resources to upgrade their information systems. The need to address cybersecurity is made all-the-more urgent by the Department of Defense (DoD) cybersecurity requirements. All DoD contractors and subcontractors that process, store or transmit covered defense information (CDI) must meet the defense federal acquisition regulation supplement (DFARS) minimum security requirements or risk losing their contracts.
The MEP National Network has MEP Centers in all 50 states and Puerto Rico, and for more than 30 years we have been helping U.S. manufacturers thrive. We’ve created a host of services and resources for small and medium-size manufacturers seeking to meet the mandatory DoD information security requirements or simply reduce cyber vulnerabilities.
When Calienté President Mike Kelly needed help from cybersecurity experts familiar with U.S. Department of Defense cyber security requirements, he turned to the Manufacturing Extension Partnership National Network.
The Network connects manufacturers with cybersecurity assistance through the organization’s local MEP Centers. Consider our work with Calienté President Mike Kelly. His firm is one of the leading suppliers of thermal target systems to the U.S. military. When it began supplying products to the DoD, Calienté did not meet cybersecurity requirements for defense contractors and risked losing a big portion of its business. Our Purdue MEP Center connected Kelly with leading cybersecurity experts who provided a detailed gap analysis of the company’s protocols and procedures according to DoD requirements and created an action plan to ensure compliance. Kelly said that with MEP’s support, he protected one quarter of his revenue and averted potentially devastating operational losses resulting from an information breach.
In addition to affordable consulting services, the MEP National Network offers the following online resources:
- Cybersecurity self-assessment tool. This tool helps small manufacturers self-evaluate their level of cyber risk.
- Cybersecurity self-assessment handbook for assessing DFARS security requirements. This guideoffers a step-by-step guide to assessing a manufacturer’s information systems against the DFARS security requirements.
- Webinar: Cybersecurity self-assessment handbook overview. This presentation provides a general understanding of the handbook and how it relates to recent changes in DFARS cybersecurity requirements.
- Webinar: Cybersecurity self-assessment handbook Q&A. It answers common questions asked about the NIST 800-171 handbook and DFARS requirements.
- The “manufacturing profile” of the cybersecurity framework. A roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing-sector goals and industry best practices.
- Information security for small business: The fundamentals. A report with guidance on how small businesses can provide basic security for their information, systems and networks. This publication also offers an overview of cybersecurity best practices.
- Manufacturing innovation blog. A resource for manufacturers, industry experts and the public on key U.S. manufacturing topics, including cybersecurity. It provides articles for those looking to dive into new strategies emerging in manufacturing, as well as useful information on tools and opportunities for manufacturers.
Whether you are a manufacturer implementing a cybersecurity program or a DoD supplier looking to achieve compliance, local representatives of the MEP National Network are available to support your business. The state-by-state list can be found at www.tinyurl.com/MEP-Centers.