In the latest episode of the Manufacturers Network Podcast, host Lisa Ryan engages with Jason Vanzin, the founder and CEO of Right Hand Technology Group. Renowned as a top-managed service provider globally, Right Hand Technology Group focuses on cybersecurity and compliance, specifically targeted at manufacturers. This episode dives deep into cybersecurity, revealing the challenges and solutions pertinent to the manufacturing industry.
Jason Vanzin’s enthralling journey into IT began in his teens when he purchased his first computer. Driven by a passion for technology, he pursued a degree in information systems management, eventually finding his niche in cybersecurity. His career spanned roles in large corporations like UPS and Nortel Networks to smaller IT companies, where he developed a passion for working directly with clients and small businesses. This path eventually led him to establish Right Hand Technology Group, focusing on delivering cybersecurity solutions to small and medium-sized manufacturers.
A critical topic discussed in the podcast is the distinct roles and responsibilities of IT and cybersecurity departments. Jason elucidates that while IT is centered around productivity and problem-solving, cybersecurity focuses on minimizing risk—sometimes at the cost of productivity. “It’s about risk management,” he explains, highlighting the often conflicting goals between IT and cybersecurity.
The misunderstanding of cybersecurity at the executive level and the assumption that IT will cover all cybersecurity needs are significant challenges in the manufacturing sector. Jason stresses that cybersecurity must be approached holistically through systematic frameworks like the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC). These frameworks help organizations assess and mitigate risks methodically.
The conversation shifts to cybercriminals' evolving tactics and the perpetual cat-and-mouse game between hackers and cybersecurity professionals. Vanzin underscores that cybersecurity frameworks force organizations to think systematically and constantly stay ahead of potential threats. “Cybersecurity isn’t about a single solution; it’s about continuous vigilance and education,” he asserts.
An essential aspect of cybersecurity in manufacturing is safeguarding the supply chain. Jason emphasizes the importance of identifying critical suppliers and ensuring they adhere to robust cybersecurity standards. This can involve certifications like ISO 27001 or SOC 2 compliance, providing a benchmark for secure practices. He advises manufacturers to thoroughly evaluate their suppliers’ cybersecurity posture to ensure a secure supply chain.
Training employees is a cornerstone of any cybersecurity strategy. However, Vanzin notes that frequent and consistent training is crucial. Companies should implement regular phishing tests and cybersecurity training programs to keep employees vigilant. Despite the inclination to minimize disruptions, he advocates for a higher frequency of training exercises to prepare employees for real-world threats better.
Preparation is key when responding to a cybersecurity breach. Jason stresses the importance of having an incident response plan and conducting regular tests to ensure readiness. Involving cyber insurance companies early in the event of a breach can also mitigate potential repercussions by establishing attorney-client privilege and ensuring a coordinated response.
The concept of 'ethical hackers, ' or professionals who...
