1 minute read
Industrial Refrigeration Faces Significant Cybersecurity Risks
versions,” Symonds said. “Make sure you have a security team responsible for these types of things.”
To be incident-ready, companies should also develop a response plan and create scenarios for common problems. “The pandemic was a great outage scenario. What happens if you can’t get is one of the most common passwords used in 2022.
Lettman said educating employees on how to identify and report suspicious emails and teaching them to avoid clicking on unknown links is critical. CISA offers a free tool for companies that want to run a phishing campaign that will get employees to try to click on links.
As an added safety step, Symonds suggests not loading email programs onto computers that don’t need them. Other essential best practices include implementing regular security audits and vulnerability assessments to identify potential weaknesses in the system.
CISA also offers Cyber Resilience Review (CRR), an interview-based as- sessment to evaluate an organization’s operational resilience and cybersecurity practices. “It looks at where you are running cyber risks,” Lettman said.
Create Awareness
Everyone in the company, including technicians, should be aware of cybersecurity risks, even in their personal lives, Symonds said.
“Doing just the basics will get you far and you can keep doing more and more,” Symonds explained. “Most of the people who are likely to target you are doing it because it is easy and not because you were their particular target. Luckily for you, attackers are lazy. Don’t be the low-hanging fruit.” into the office? There should be plans in place. Have these things as policy,” Symonds said.
While cybersecurity may seem daunt ing, there are steps companies can take to mitigate risk.
“There are positive things we can do,” Lettman said, adding that CISA has free resources available on CISA. gov. “Secure your internet connections. Use multi-factor authentication. If you have multifactor in place, the odds of them getting around it are harder.”
Companies should also create backups of data that hackers can’t alter or change. “Store them offsite at a cloud provider or a geographically different location,” Symonds said. “If something gets ransomed, you’ll lose all the data between the last backup and now, but you won’t lose everything.”
Symonds also suggests not reusing passwords, getting a password manager, and coming up with strong unique pass words. “People are, really, really bad at coming up with good passwords,” he said, adding that the word ‘password’
