managing security risks in manufacturing
DESCRIPTION
MCGlobalTech presentation to manufacturing sector executives on managing cybersecurity risks by implementing an enterprise information security management program.TRANSCRIPT
![Page 1: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/1.jpg)
1
Mission Critical Global Technology Group
(MCGlobalTech)
Managing Security Risks in Manufacturing
![Page 2: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/2.jpg)
2
Manufacturing Threat Landscape Increasing
• Symantec reports that manufacturing was the most
targeted sector in 2012, accounting for 24% of all targeted
attacks. ermined; and (iv) monitor risk on an ongoing
basis.
![Page 3: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/3.jpg)
3
Manufacturing Threat Landscape Increasing
• Symantec’s Internet Security Report 2013 reports that
manufacturing was the most targeted sector in 2012,
accounting for 24% of all targeted attacks.
• Verizon’s 2014 Data Breach Investigations Report
identified Manufacturing as one of the most victimized
industries by hackers, with companies of all sizes equally
targeted.
• National Association of Manufacturers estimate that
$239.9 billion in revenue has been lost to cyber-piracy
over the past 10 years.
![Page 4: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/4.jpg)
4
Manufacturing and Cyber Espionage
![Page 5: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/5.jpg)
5
Frequency of Security Incidents
![Page 6: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/6.jpg)
6
Proactive Approach to Addressing Risks
Implementing an Enterprise Risk Management Program
allows Manufacturers to:
1. Understand the threat facing their organizations
2. Understand their business and technical environments relative
the threat
3. Identify and asses weakness that exists in defenses around
critical business assets including information, systems and
people
4. Proactively mitigate the risk to business operations, reputation
and profits
![Page 7: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/7.jpg)
7
Enterprise Risk Management Program
Enterprise Risk Management is a:
• Comprehensive process that requires organizations to: (i)
frame risk (i.e., establish the context for risk-based
decisions); (ii) assess risk; (iii) respond to risk once
determined; and (iv) monitor risk on an ongoing basis.
Underlying Principles:
• Every entity, whether for-profit or not, exists to realize
value for its stakeholders.
• Value is created, preserved, or eroded by management
decisions in all activities, from setting strategy to operating
the enterprise day-to-day.
![Page 8: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/8.jpg)
8
Risk Management Levels
• Organization Level
– Governance:
• Senior Leadership responsible for an organization’s mission
ensuring that the risks are managed appropriately and the
resources are used responsibly
– Risk Management Strategy
• Strategic-level decisions and considerations on how senior
leaders/executives are to manage information security risk to
organizational operations, assets and individuals
![Page 9: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/9.jpg)
9
Risk Management Levels
• Mission/Business Process Level
– Identify and establish risk-aware mission/business
processes
– The understanding of Senior Leadership on:
• Types of threats sources and events
• Potential adverse impacts/consequences
• Resilience of information technology to a compromise
– Key output: Risk Response Strategy
![Page 10: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/10.jpg)
10
Risk Management Levels
• Information Systems Level
– Risk Management incorporated in all system life
cycles, including procurement and disposal
– Risk Management activities reflect organization’s risk
management strategy and addresses any risk related
to cost, schedule and performance requirements for
individual information systems.
– Key output: Risk Management Reports
![Page 11: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/11.jpg)
11
Additional Fundamental Components
• Trust and Trustworthiness
– Establishing trust among organizations
– Trustworthiness of information systems
• Organizational Culture
– Values, beliefs, and norms that influence behavior
• Relationship Among Key Risk Concepts
– Governance, Risk Tolerance, and Trust
![Page 12: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/12.jpg)
12
MCGlobalTech EISM Program
![Page 13: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/13.jpg)
13
Questions
![Page 14: Managing Security Risks in Manufacturing](https://reader033.vdocuments.us/reader033/viewer/2022060123/5596da3f1a28abcb6a8b45b5/html5/thumbnails/14.jpg)
14
Contact Us
Mission Critical Global Technology Group
1776 I Street, NW
Washington, District of Columbia 20006
Phone: 571-249-3932
Email: [email protected]
William McBorrough Morris Cody
Managing Principal Managing Principal