Security in the modern age. Why vulnerabilities to software and hardware attacks will ruin your business and how to take steps to prevent and reduce them.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles…”—Sun Tzu
Most of you know me from my software days running Cimnet Systems and providing the industry-leading ERP and engineering solution to the industry. Since selling Cimnet, I have ventured into several other types of businesses, including engineering services (Entelechy), global sourcing (Linkage), biotech (Navipoint Health), and yet again into software (Exinous). I thought I was done with software but having worked with some amazing young people, I’ve decided to take the plunge yet again. Except this time, we’re all about cloud computing, mobile platforms, AI, machine learning and all the fun new technologies at our disposal. At the heart of our IT offering is combating today’s lurking threat of cybersecurity.
Wherever I go, I am pleasantly reminded of the role our industry plays into everyday lives. From the sight of people texting and calling loved ones on their phones, children laughing and playing with their high-tech toys, to doctors and nurses using advanced med tech to keep someone alive. I get a feeling of contentment and pleasure knowing our industry plays a role in fulfilling these moments.
Just the same, as much as these moments are vicarious, they are also vulnerable. They remind me of how important the safety and security of our work is.
In 2018 (really 2014), our industry found this out the hard way. The Big Hack1 was and still is the largest physical supply chain compromise of the modern age. The dirty secret being that, long ago, we compromised security for satiation. In addition to hardware attacks, hackers employing software attacks have compromised government organizations and Fortune 500 companies. Just look to SolarWinds and more recently Kaseya2 to see the fruits of their labor.
The PCB industry is no different. Suppliers, brokers, manufacturers, designers, and customers are all benefited by their connection to and interaction with software and hardware. We can’t live without them. We use them to create our advanced designs, store and transmit sensitive CRM data, process and record financial information, and store intellectual property. Our data is precious; it empowers us and streamlines systems. Yet, it also makes us vulnerable.
Our tech, which influences every aspect of modern-day life, must be secure, and so must the systems and organizations that create them. With the advent of IoT and the continued centralization of big data, cloud computing, and other integrated systems, the risk/reward for large scale software and hardware attacks ever increases.
When Linkage was impacted by a hack into our email system, that was a wakeup call to use everything in our arsenal to keep these despicable looters at bay. To ease our conscience, we stepped up our security game by honestly looking at ourselves and our enemy. We sat down and discovered our weak points and our strongpoints, and then combined them to seek improvements. Through Exinous, our software company, we created our own ERP software, iLink, and moved to an AWS IAM/KMS/WAF platform, modifying our security protocols and incident response plans to form and fit today’s ever changing security landscape.
Potentially facing DDoS attacks, phishing scams, ransomware and trojan hacks, we have implemented a multilayer security system that incorporates threat analysis, data encryption, incident management, authorization and authentication, and automated detection. We have also purchased CISA Insurance, given that, in the worst-case scenario, financially our business can weather the storm.
Downline at the factory, we randomly inspect hardware, check in with factory managers and preform multiple quality control tests. We have strong relationships with the production line team and quality assurance managers. This oft overlooked aspect of security is the other side of the coin to mitigating a major security breach.
Knowing that, as a global sourcing supplier of PCBs, I have a responsibility in our security that is both humbling and inspiring. I hope this insight inspires you to look at your own organizations, find your weak points, and become safer and more secure to help avert and prevent the otherwise inevitable.
1. “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” Bloomberg Businessweek, Oct. 4, 2018.
2. “Hackers conduct one of the largest supply chain cyberattacks to date,” engadget.com, July 3, 2021.