NOVEMBER/DECEMBER 2020 2020 CYBER SECURITY
A combination
of training and
awareness is the
best defence
against cyber
attacks
is from a technology perspective, the weakest
link will invariably be the human element – its
employees. From executives to receptionists,
all it takes is someone to unwittingly click on
a compromised link or attachment and the
fl oodgates can open. Fortunately, the solution
is both simple and eff ective. Conducting
regular training not only keeps security top of
mind amongst employees, it also provides an
opportunity to update them on all the latest social
engineering methods and tactics being used by
criminals. Wherever possible, contractors, vendors
and partners should also be invited to participate,
which will help reduce the risk of a breach
somewhere else in the supply chain.
5Always have a clear incident
response plan in place
Even with the best will in the world, no company
can completely eliminate the risk of being
breached, which is why it’s important to always
have a detailed incident response plan at the
ready. With luck, it’ll never be used, but it’s far
more prudent to have it and not need it than
vice versa. Should the worst happen, a clear
plan will ensure everyone knows their roles and
responsibilities, helping to mitigate the breach
as quickly as possible, hopefully preventing
critical data loss.
Today’s cyber criminals are more creative,
nimble and motivated than ever before, so it
pays to be prepared. This is particularly true
in the manufacturing industry, where sensitive
IP plays such a key role in many companies’
ultimate success or failure. An eff ective cyber
security strategy doesn’t have to be expensive,
but it does require buy-in at the most senior
levels of the company, attention to detail, and
the right combination of tool and training in
order to be eff ective.
www.manufacturingmanagement.co.uk
The legal pitfalls
Carys Thompson, a partner at Keebles
LLP, explains the legal considerations
businesses need to take around
increased cyber security risks
The COVID-19 crisis has resulted in businesses
across the world, including manufacturers, having
to adopt at least some home-based working. With workers once
again being directed to ‘work from home where they can’ amid
ever-changing lockdown rules, manufacturers should protect
against the associated risks and potential liabilities.
Most manufacturers treat the integrity of their IT systems
and data very seriously and invest time and money in fi rewalls,
password protection and anti-virus software. They are also likely
to have maintenance arrangements in place that keep their
security measures up to date. However, while these may be in
place on site, it is important to consider IT and data security for
those working remotely too, particularly if some employees are
using their personal devices which are unlikely to have the same
level of protection.
Email and other messaging services as a method of
communication have also inevitably increased with more
employees working from home. Companies need to take the right
steps to protect confi dential information, trade secrets, IP rights and
personal data. The law is clear that an employer’s data on a personal
device belongs to the employer, and in most circumstances
they will own the copyright for work generated by an employee
regardless of their location.
Employees working remotely and/or using their personal
devices for work can lead to valuable sensitive information or
IP being stored on an employee’s personal device, which might
be less secure. There is also a potential risk if that employee leaves
or is dismissed.
Most employees working from home will process personal
data as part of their day to day working operations and their own
personal IT solutions might be used where they would not have
been used before.
Data protection law does not prevent businesses from using IT
solutions, but they must still comply with the law and ensure that
they have adequate procedures in place, including appropriate
security measures, to protect personal data.
Thaut Images / stock.adobe.com
29
Maksim Kabakou / stock.adobe.com
/www.manufacturingmanagement.co.uk
/stock.adobe.com
/stock.adobe.com