It’s Not If, It’s When


It’s Not If, It’s When

SBCA members are helping fellow CMs evaluate their cybersecurity

It’s easy to take the “it can’t happen to me attitude” when it comes to cybersecurity. Even if you think your company is protected, a breach of your network and infrastructure can happen in a split second and affect your business in ways that are not easy to recover from. Unfortunately, given the current state of today’s cyber landscape, a cyberattack is not about if, it’s about when. But there are plenty of things you can do to be prepared and that starts with understanding where the weaknesses are in your online ecosystem.

The list of threats is long but some of the most critical items for you to be aware of are: ransomware, spyware, spoofing, Trojans, adware, phishing, and keyloggers. (See SBCA’s Cybersecurity Topical Library page for more information.) A recent SBC Industry news poll showed that the majority of the component manufacturers (CMs) who responded were aware of these threats. The same survey also indicated that many of the participants had experienced one or more of these threats in the past five years (see graph below).

If you’re reading this and you’re not the IT person at your company, that’s ok, keep reading. There’s a time and place for technical concepts and jargon. To begin with, it’s important to understand the overall impact a security breach could have on your company.

As an example, a ransomware incident can take down your entire company’s computer network in just a handful of minutes, completely paralyzing your operation. No office staff can work and no production equipment will run; your entire staff, except maybe your IT folks, is waiting for your thoughts on what comes next, and it may not be what they want to hear.

Even 48 hours of downtime could mean thousands and thousands of dollars in missed production, lost sales opportunities, and the expense of mitigation and recovery. If you extend that downtime to a week or more you may eventually be looking at hundreds of thousands of dollars. 

Good cybersecurity provides defense through depth: layer upon layer of protection that can stop threats even if a single layer fails. 

The key to protecting your company from a huge financial loss is getting all of the right training, systems, and solutions in place before a security breach occurs. A comprehensive plan includes far more than you might expect and, if you haven’t done a lot of planning, may require a healthy investment in hardware, software, expertise, and training. 

Fortunately, the SBCA IT Committee created a Cybersecurity & Disaster Recovery Planning Worksheet you can use to walk through critical digital infrastructure questions with your IT team to ensure you’re ready to face anything that threatens your ability to keep your business running.

A cybersecurity breach can happen to anyone, anywhere. Computer hackers do not target only large, Fortune 500 companies. In fact, criminals have begun to target small businesses, specifically because they rarely have the resources to fully protect themselves. 

Good cybersecurity provides defense through depth: layer upon layer of protection that can stop threats even if a single layer fails. 

About the Author: Molly Butz searches for the ways information technology shapes and fosters ingenuity in the component manufacturing industry.