SMT007 Magazine

SMT007-July2020

Issue link: https://iconnect007.uberflip.com/i/1265351

Contents of this Issue

Navigation

Page 32 of 113

JULY 2020 I SMT007 MAGAZINE 33 some level of doubt or concern as to whether you found everything. Cormier: Right. You ask yourself, "Did we miss something?" Because all it takes is one thing missing and any amount of time you spent fix- ing it could be wiped out. If you spend hun- dreds of hours in a week to fix something and you missed one thing, you're back to square one again, and you lost 100 hours. That's where you weigh the risk. Is it best to start from square one? For some larger companies, that task would be too incredible to even think about. But again, most of those companies have the resources available to make that hap- pen in the agile environment. Matties: This caused business interruption and a new level of awareness that changed your security protocols. What have you done to keep this from happening again, since it came from somebody clicking on an email? Cormier: Because we were doing the full rebuild, we went through and reassessed. And I hate saying this, but it was perfect tim- ing because we were going through a process of becoming completely compliant with a few standards, like NIST, DFARS, and ISO 27001 and 27002. A lot of the planning and security required for that helped us. There were things that we needed to implement, push the enve- lope, and it required us to make those changes. Reviewing the security processes and what we have in place that has been required will help us in the long term. Matties: We hear about these things, but we never think it could be us. Then, all of a sud- den, it is us. And you're not the only one who has been hit by this in the industry. Cormier: Yes. There's a substantial infrastruc- ture that's been affected by this very kind of situation. Matties: And other fabricators, I understand, have been hit directly as well. Moreover, what advice do you give to somebody to protect themselves? And specifically, are you keeping all email isolated from your network now? Cormier: That's one thing that we decided to go toward because a lot of solutions are cost-pro- hibitive, but there are options now for cloud compute and cloud email systems. It makes sense to make that change because it requires managing less in-house that could possibly be affected if an event like this occurs. Businesses that build this kind of cloud infrastructure put in place a lot more security to provide multi- ple levels of security. We found that it's much more cost-effective to go with that approach than having things in-house nowadays. As a recommendation, I would say to look at that kind of transition, even if it's a hybrid cloud environment, to where you're reduc- ing your surface area of attack, the number of areas that could be affected, and services that could be affected if you do get hit with some- thing. We're living in a world where that's not necessarily a requirement, but to do business, it is a good idea. Matties: Is your email now isolated from your internal networks? Cormier: Yes, and some of our file sharing and backup systems are now being compartmen- talized. Matties: On your internal systems, as we move into digital factors, a lot of equipment is con- nected to the internet for firmware updates and such. How have you changed the infra- structure, or do you have any concern about that connection point? Cormier: I followed a model called "zero trust," where you don't trust anything inbound or out- bound. Instead you have to manually approve certain things, including with the network. Now, I compartmentalize. I have a completely separate network where all proprietary equip- ment requires the internet be placed onto and it uses cloud solutions to share files back and forth. That way, if something hits one of our local machines, we're not going to be affected

Articles in this issue

Archives of this issue

view archives of SMT007 Magazine - SMT007-July2020