.jpg?ext=.jpg)
Awareness of Cybersecurity Rules and Regulations in the DIB
MxD is recognized by the Department of Defense as the “National Center for Cybersecurity in Manufacturing.” Recently, MxD released a survey co-created by a research firm called APCO Insight. The survey is titled, “Behind the Firewall: Assessing Cyber Resilience in US Manufacturing (available for download here).
The report offers several interesting insights, but with CMMC 2.0 just around the corner, there is one that stands out. First, it is important to break down the survey participants.
MxD Cybersecurity Report Respondents
The sample size of the survey is somewhat small. There were 750 companies represented in the report, all of which are in the MxD database. Of that 750, 106 were Aerospace & Defense manufacturers and 102 were Defense Industrial Base manufacturers (the report does not define how it separates the two categories). Small to medium-sized businesses (500 employees or fewer) represent 630 of the 750 total companies surveyed.
Staying Updated on Cybersecurity Rules and Standards
One of the report’s most interesting facets is the breakdown of responses to: How Closely Organization Monitors for New or Updated Cybersecurity Laws and Regulations. According to the report, 19% of DIB manufacturers surveyed do not closely monitor cybersecurity laws and regulations. In terms of company size, 16% of small businesses follow updates to a limited degree. Large companies do a better job, with just 5% saying their monitoring of laws and regulations is limited.
One explanation for this limited following of cybersecurity rules and regulations is a limited workforce. Especially for DIB manufacturers with fewer than 100 people, there may simply not be as many resources to stay updated on regulatory compliance.
A second explanation is a lack of a clear leader in compliance. The survey notes that 73% of the small businesses polled have just 1-5 cybersecurity staff members. This means it may be hard to discern who should take the lead in making sure the company is on top of the latest cybersecurity guidelines.
Important Takeaways for DIB Manufacturers
The report is full of important insights that will lead to important conversations. In terms of this particular issue, there are some key action items DIB manufacturers can consider now.
- Even though you may not have a large team, make sure a leader is assigned who is responsible for staying abreast of new cybersecurity compliance rules and regulations
- Set a cadence for how often this person should report to executive leadership about industry changes in regard to cybersecurity
- If you do not have one already, create a group of leaders from across the organization who will be responsible for leading the charge in company compliance – this should not be limited to IT personnel
Get a Sense of Your Cybersecurity Strength
Want to see how you might have responded to the survey questions? Use our cybersecurity self-assessment resource as a quick way to determine your risk appetite and the status of your cybersecurity ecosystem.
Want to schedule a meeting with us?
Let's schedule a no-obligation ten-minute meeting to see if we can help your company.
Contact us today