Issue link: https://iconnect007.uberflip.com/i/1472190
JULY 2022 I SMT007 MAGAZINE 9 mise (BEC/EAC) scams account for $43 bil- lion in fraudulent take. We found the FBI announcement to be so on point with the topic that we decided to reprint it in its entirety in this issue. With all that we know about the risks of being involved in a cyber world, we must be getting a handle on it, right? Unfortunately, no. In a recent Washington Post article 1 , the author cites two industry experts on the state of cybersecurity in the U.S. in general. '[We're] less vulnerable against the threats of five years ago. But I see no evidence that the threat has stood still, and in fact, it is likely that it has grown at a faster rate than our defenses," said Herb Lin, senior research scholar for cyber policy and security at Stanford University. "We've become ever more vulnerable with each passing day," warned Lauren Zabierek, execu- tive director of the Cyber Project at the Harvard Kennedy School's Belfer Center. "I don't know where the bottom is." It may feel like it's all doom and gloom, but my point is that cybersecurity is our collec- tive responsibility. As an industry, if we want to grow, thrive, and endure, we need to ensure any private and protected information pass- ing through our hands stays private and pro- tected. e key here is "passing through." e data moves along with the physical assemblies. We must ensure secure entry, processing, and exit for that data set. is is the core intent of the Cybersecurity Maturity Model Certifica- tion (CMMC). Data security is now a business imperative. Whether it's defensive (to repel hackers and data leaks), evolutionary (to support digital twins and industrial automation), or compet- itive (certifications and new capabilities), you can be reactive or you can be proactive. Either way, you will be responding to data security in some form. In this issue, we look at three main security initiatives underway, and ask, "Can this be accomplished affordably?" at last question is the one that's the hardest to nail down, of course. In our interview with Divyash Patel of MX2 Technology, he says that basic cybersecurity "hygiene" (as he calls it) is lacking in a significant percentage of our facil- ities. We must start there before we can build a solid cybersecurity system. If your organi- zation has already secured your basic email hygiene, you are well ahead of many others. You won't need to fund that part of the project. What we didn't find—and not that we realis- tically expected that we would—was a formu- laic approach to cybersecurity budgeting esti- mation. It's not like one can estimate dollars- per-line, Euros-per-facility, or pounds-per- employee. But as Ryan Bonner of DEFCERT explains in his interview, the CMMC assess- ment preparation documents make for a valu- able self-assessment. IPC's Validation Services programs are equally valuable not only in pro- viding a certification recognized by govern- ment purchasing agents, but also as a process and security verification step. Look for Randy Cherry's IPC 1791 discussion in this issue as well. In short, with a well-trained IT depart- ment, much of the work can be done in-house. Here at I-Connect0007, we trust that digital security is high on your to-do list (if it isn't, hopefully this issue will change your priori- ties). While digital security is not an insignifi- cant project, achieving certification continues to become more clear and more focused. Now is a good time to move security to the top of your priority list. SMT007 Reference 1. "The U.S. Isn't Getting Ahead of the Cyber Threat, Experts Say," by Joseph Marks, Washington Post, June 6, 2022. Nolan Johnson is managing editor of SMT007 Magazine. Nolan brings 30 years of career experience focused almost entirely on electronics design and manufacturing. To contact Johnson, click here.