MRC - Manufacturers Resource Center




Date(s) - December 5th, 2017
8:30 am - 11:00 am

Manufacturers Resource Center


Free Breakfast
Presented by MRC and SBDC
December 5, 2017
8:30 am – 11:00 am

Manufacturers Resource Center
Hanover Office Plaza
961 Marcon Boulevard, Suite 200
Allentown, PA 18109









Did You Know that all Department of Defense (DoD) contractors and subcontractors are REQUIRED to be compliant with NIST 800-171 by December 31, 2017?  This workshop will cover NIST 800-171 along with other cybersecurity best practices and also includes a free pre-workshop Cybersecurity Assessment. This assessment will act as a gap analysis to prepare you for some of the topics to be discussed and ideally encourage questions and discussion during the workshop.   FYI many small shops do not even know.


On October 21, 2016, the United States Department of Defense (DoD) updated the Defense Federal Acquisition Regulations Supplement (DFARS) with an updated rule. The most important changes implemented in this latest version of the DFARS Clause 252.204-7012 include:

    • All contractors must be in full compliance with the requirements outlined in NIST 800-171
    • Contractors must report cyber incidents within 72 hours or less to the DoD
    • All non-compliant aspects must be reported to the DoD within 30 days after contract award
    • Compliance must extend to all operation aspects – all suppliers and subcontracts storing, processing and/or creating CDI that is part of contract performance
    • The deadline for compliance is December 31, 2017


DoD and defense prime contractors are catalysts for creating a robust cyber-resilient U.S. industrial base connected through trustworthy manufacturing networks that respond rapidly to national security needs.

Why should you be concerned even if you are not in the DoD Supply chain:

    • Targeted attack campaigns are on the rise
    • Spear phishing:  91% of all attacks start here
    • 76% of legitimate websites have vulnerabilities (20% critical)
    • Almost 1M new malware threats were created each day last year
    • 45% more people were subject to digital extortion last year
    • Internet of Things (IoT)threats are a growing concern


Manufacturing Security Concerns:

    • Like all hard/software, Industrial Control Systems (ICS) are insecure by design
    • More and more ICS are accessible or worse, directly connected to the internet
    • Most companies don’t even know what devices they have on their networks and where they’re deployed
    • Limited, if any, security event logging
    • Staff are not trained on ICS cyber security/mitigation


Manufacturing Vulnerabilities

  • Denial-of-Service Attacks
    • One or more subsystems is made unavailable
    • Easiest and most blatant of all attacks
  • Imposters
    • A person or device impersonates a legitimate device on the network and transmits phony data to disrupt operations
  • Replay Attacks
      • An imposter replays a recorded version of old data to confuse operators or disrupt operations


Implications to your company

  • Loss of Production Capability
  • IP at risk for theft/compromise
  • Customer/Supplier damage
  • Loss of Revenue
  • Ransom Payments
  • Faulty products
  • Corporate reputation


Download Flyer

Registration is required.



Registrations are closed for this event.