ROME, N.Y. — The Manufacturers Association of Central New York, Inc. (MACNY) held its first post-pandemic Cybersecurity Summit on Sept. 29 at the Innovare Advancement Center in Rome.
The goal was to help arm manufacturers and other businesses with information and resources in the fight against growing cyber threats.
“It has been a consistent need of companies and the community,” says Randy Wolken, president and CEO of MACNY, a nonprofit manufacturing trade association representing more than 300 businesses and organizations across Central and Upstate New York. In a world that is so software and technology driven, companies need all the help they can get to ward off cyber threats, he adds in an interview with CNYBJ at the summit.
MACNY organized the first such summit in 2019 before the pandemic hit, and Wolken says he is pleased with the response to this first in-person event since then.
Businesses from all over the region in industries ranging from manufacturing to education attended the event. The summit featured presentations by area cybersecurity and other professionals on topics such as hackers, cyber liability, manufacturing supply chain and information supply chain risks, legal issues in cyber-incident response, and cybersecurity considerations for the manufacturing industry.
When the cost of a data breach can run into the millions and more than 40 percent of cyber attacks are aimed at U.S. organizations and businesses, it’s crucial for companies to stay on top of things, keynote speaker Dr. Ersin Uzun explains. He is executive director and professor at the ESL Global Cybersecurity Institute at Rochester Institute of Technology.
The odds of any business or organization experiencing some sort of attack are about 70 percent, Uzun says. An attack can start with something as simple as a phishing email to which an employee unwittingly responds.
“The small businesses are seeing more attacks,” he says. Attackers are looking for “low hanging fruit,” Uzun notes, since businesses that don’t have a robust protection system and are easier to attack. Businesses can ward off attacks by strengthening the weakest link, humans, with training on how to recognize and avoid the dangers of cyberattacks.
“If [attackers] send an email and no one clicks on it, they’ll just move on to the next target,”Uzun says.
Typically, companies in high-risk areas such as finance are considered common targets, he says, but most of those businesses have strong cybersecurity methods these days. Cyber criminals have moved on to other targets, he notes, and in 2021, manufacturing companies were attacked more than the finance and banking industry.
“Attackers are moving to industries they see are not very well protected,” Uzun explains. They will also target small to medium-sized businesses because they are often more willing to pay a ransom to end the attack.
Often companies are vulnerable because they have not been able to fill open IT roles, Uzun says. There are currently about 2 million open jobs in the cybersecurity landscape, meaning the competition for available candidates is fierce. Some companies may balk at the salary cost of an IT professional, Uzun says, so they may want to consider outsourcing their IT needs to a managed security service provider instead.
It can take a company more than 200 days to even realize it has been attacked if it’s not being vigilant in its cybersecurity efforts, and there is a less than 1 in 2,000 chance a cybercriminal will ever be caught and prosecuted, Uzun stipulates.
It’s a constant fight. As new technologies to protect businesses emerge, so do new ways to attack a business.
“Attackers are adapting, too,” Uzun says. “They are not stale. It’s better that you do something about it.”
To help businesses even more, MACNY is in the process of organizing a cybersecurity consortium, Wolken tells CNYBJ.
One of the biggest challenges in cybersecurity is that no one really likes to talk about it, he says, but a business that shares its experience with others can help those other businesses avoid a similar breach.
“People need to talk to each other,” Wolken says. He hopes the consortium will serve as a safe space where companies can share and learn from each other.
Secure Network Technologies sponsored MACNY’s Cybersecurity Summit while GreyCastle Security and Assured Information Security co-sponsored the reception following the summit.
Companies and organizations that presented at the summit included Secure Network Technologies, Amwins Brokerage, Brown & Brown Insurance, Cybersecurity and Infrastructure Security Agency, Bond Schoeneck & King PLLC, GreyCastle Security, and Assured Information Security.