On this week's Industrial Talk we're onsite at FABTECH in Atlanta, GA and talking to Mike Brattain, Account Executive with Systems X about "Manufacturers must secure their business to succeed". Get the answers to your "Cyber" questions along with Mike's unique insight on the “How” on this Industrial Talk interview!

Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2023. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

MIKE BRATTAIN'S CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/mikecharlesbrattain/

Company LinkedIn: https://www.linkedin.com/company/systemsx/

Company Website: https://www.systems-x.com/en-us/

PODCAST VIDEO:

https://youtu.be/SlI33pEPdxI

THE STRATEGIC REASON "WHY YOU NEED TO PODCAST":

OTHER GREAT INDUSTRIAL RESOURCES:

NEOM: https://www.neom.com/en-us

Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html

Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

We the 15: https://www.wethe15.org/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

LifterLMS: Get One Month Free for $1 – https://lifterlms.com/

Active Campaign: Active Campaign Link

Social Jukebox: https://www.socialjukebox.com/

Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):

Business Beatitude the Book

PODCAST TRANSCRIPT:

business, conversation, companies, cybersecurity, industrial, cyber, manufacturers, Systems X, secure, mike, absolutely, security, find, people, industry, attack, digital transformation journey, put, manage, data

00:00

Industrial Talk is brought to you by Armis. Yes, you were in the digital transformation game. Yes, you need to find trusted companies, trusted individuals to help you along with that journey. The Armis platform delivers complete asset intelligence, you know what that means? insights into your connected assets, you're in the digital transformation game, you have to have that insights into what is connected. Go to Armis.com Find out more, you will not be disappointed. Industrial Talk is brought to you by Arduino the original all in one IoT platform. That's right, go out to arduino.cc and you will find documentation you will find devices powerful boards to help you with your digital transformation journey. It's all there. Go out to arduino.cc Find out more see how you can connect with these professionals to help you along with your digital transformation journey arduino.cc.

01:07

Welcome to the industrial talk podcast with Scott Mackenzie. Scott is a passionate industry professional dedicated to transferring cutting edge Industry Focus innovations and trends while highlighting the men and women who keep the world moving. So put on your hardhat grab your work boots, and let's go

01:25

Alright, what's good, thank you very much for joining industrial talk we are broadcasting here at FABTECH. Atlanta, Georgia, it is day three, and has been a man I'm telling it's been a barnburner of companies that have just innovated the heck out of their solutions and providing solutions to your problems. More importantly. And once again, we're just having a ball. So you got to put this one on your calendar big time you got to put this this event if you're not here this year, go next year, you will not be disappointed. You're going to be bigger and better. Most definitely. All right. We got a gentleman by the name of Mike, say your last name.

02:02

It's Brattain

02:04

Systems X. With the s on that Systems X. Let's get cracking. cybersecurity, right. Absolutely. And that's something you know, it's sort of an odd thing. One, that your job never gets old?

02:23

No, no, it's becoming more and more important. You know, we are managed security service provider just north of Detroit. And look, I'm amongst my people right now. These are these are manufacturers that are looking to take technology and gain a competitive edge with it. And so 60% of our our business base is manufacturing. So So these are my people hear

02:50

Yeah. And there's three huge conference halls of your people. Oh, yeah, here. It's massive. And it's everything's here. Yeah, everything. Yeah, let me ask you this, a lot of buzzy buzz out there. And I agree with it. 100%. But but one of the areas that everybody talks about, of course, I need to have that ability to connect my assets, I need to I have to have to start pulling that data, I have to start looking at that data, I've got to figure out how to make tactical decisions based off of the data of my assets. That's wrong. But every time they connect, it's an IoT device. The conversation rarely happens around cyber now. And if you want to be competitive, you've got to have that cyber conversation at the beginning. Is that true?

03:37

Absolutely. You know, we tell our customers, we are a cyber first company. And the reason is, Why manage your data. If you're not going to protect your data. This is no longer an option. It is a cost of doing business, you know, as as a leadership of your manufacturing company, your most valuable asset is your ability to do business. And the stats are out there. And these aren't scare tactics, but oh no, the downtime of a manufacturer is roughly $5,600 a minute. The average ransomware that the manufacturing industry.

04:15

I'm gonna stop you right there. Yeah. $5,600 a minute. Yeah, that's sort of average. That's sort of a big smile. It doesn't matter average. $5,600 a minute. Yeah, continue. I interrupted because I I'll just zone in on number. Yeah,

04:30

no, that's right. It's not feelings. It's it's facts. data, right. thing, but, but yeah, and then, you know, your average ransomware in the manufacturing industries got up to $2 million. Gosh, you know, and so, once you learn that ability, it will lose that ability to earn then then you lose your business. Yeah, I

04:53

this just popped into my head ever so fleeting. Are there insurance companies that are saying, Hey, I know ransom Where attacks are out there. They just don't just whether you like it or not, whether you hear my voice, they are out there. But to be able to sort of wrap it in an insurance policy, can they do that?

05:10

Yeah. So you're touching on a a crazy subject, it is the Wild West when it comes to cyber insurance right now. So companies looked at that as an opportunity, right? So when cyber-attacks really started to skyrocket, they were like, oh, an insurance companies never lose. Right. So now they're sitting there going, well, we're gonna have to start backtracking, what our coverages and start putting different things in our policy that we're not going to cover, like, let's say, a attack from a foreign country, you know, well, most of your cyber-attacks are from foreign men, and they are here. Yeah. So yeah, in the tough part is now most companies most most manufacturers, don't have the required cybersecurity measures in place to even qualify for proper cyber insurance. And so that is, it's a, it's a difficult situation right now.

06:03

But what I think you can mitigate it, if you connect with organizations like yours, and be able to have that conversation of fraud. Yep. And be able to know that, hey, here's where I want to go. How do we make sure that my data is secure, my business is secure, so that we can continue to do what we do best by that service? So, again, it's a cotton, it's a conversation, but if you find people not wanting to have that conversation?

06:32

Absolutely. And it's because they don't understand it, right? Some companies, a lot of times they hear look, we're too small, no, no. Right. And I always do the comparison of, you're looking at two houses and one doors locked and one door is not, I'm the bad guy, I'm going in the unlocked door, at least have some sort of security in place, because there's so much low hanging fruit there. But you know, being able to prove that you're secure, that's why I think a lot of the sea levels avoid that conversation. Because usually they have that IT person talking a different language, that doesn't make sense to transmit, you know, and so, yeah, that's, that's the conversation have more of a strategy behind behind the cybersecurity,

07:18

I find, it doesn't have to be, there's the buzz that says, hey, you're gonna lock me down, and I'm not going to be able to do anything, I'm not going to be able to do my business, you're gonna lock me down so tight, I won't be able to do anything. And that's, that's one faults, don't go down that road. But two, if you can create some, some firewall, some sort of way of preventing, or making it difficult for the various behavior to say, they're lazy just like me, they're going to just try to find that simple penetration point, and just, you know, exploit that. So they're going to go on to something else, at least make it a little bit more difficult.

07:58

Yeah, absolutely. Some ways that you can improve your cyber posture, because let's face it firewall and all that that's, that's kind of a thing of the past. They're, they're blown by that like nothing, looking at managed detection and response, but really putting a foundation in place 30% of that 60% manufacturers we work with are in the Defense Supply Chain, they have to meet very stringent, stringent standards now called NIST and cmmc. So we would go in and build that foundation around NIST, it's a set of controls, that now gets the whole company from the top down on the same goal, and making sure that it's not just software, a very small portion of your cybersecurity is going to be software, it is that strategy from from the top down and it becomes part of the DNA of your company. And in no way like you said, should it lock your company down? It has to make common sense for the business.

08:52

And it's not static. It's an ongoing, continuous continuous it because if you think you're it, things change. Now, businesses change. If you're plopping this out there, you're doing whatever is necessary or you're trying to make your business more efficient. That has to be also in light of your cyber and your security strategy. Oh, that business? Yeah.

09:16

Yeah. And like I said, the way you manage your it is very important, because that is all the system updates and the different settings you have throughout your organization. That's a large part of your your cybersecurity Foundation. And from there, you start getting more technical on what are some things we can do to really make sure we lock these guys out. But I tell you what, as as you're looking to find that help for cybersecurity, and how do you tackle that, that giant beasts, the weight in gold for organizations like Systems X x is not. It's not, you know, getting, stopping the attack. It's when you get attacked, what happens after that? How quick can we take the little spark that little fire and hurry up and jump in, put that out, and then put the incident response plan in place. You know, when I talked to when I talked to CEOs, they say, Well, how do I even know if I'm secure? Well, most of them are getting the reports and things they understand. But I just say, hey, ask your IT support, whoever that is to hand you have an incident response plan. And if they can't hand you one in 10 minutes, you have a major problem.

10:25

That sounds Yeah, so let's let's sort of do a little roleplay. Here. I'm a I'm a small manufacturer, let's keep it small. How would you approach my business? Just generally speaking, that hey, get on in here, check it out. Please tell me tell me what we need to do.

10:43

Yeah. Having a business conversation, talking maybe less about the IT and more about what are the goals for the organization? What are some things they're trying to do moving forward? We're always taking that business strategy approach. I'll let you in on a little secret. I knew nothing about it. Three years ago, I came to Systems X X and said, Hey, look, I know, I know, business. I know, C level, I understand how their minds work. Why don't you teach me a little bit about it. So we can start making that connection? Because they're just sick of hearing it jargon constantly brought to them. Yeah, but really that question of how do you manage it? Do I have an IT department come in very expensive? Do I outsource all of it, we're finding right now. Get yourself that mid-level IT person, you know, and then outsource the heavy lifting, outsource the 24/7 monitoring the cybersecurity all the things that it's hard for that one person to do. But it's important to have that one person in your organization being able to take all the quick light work that needs to happen. And companies would should help that IT person grow within the company and understand how to also, you know, work as a team to make sure they're secure.

11:59

Do you? Do you have the conversation with the it? Yeah, where it's saying, Hey, don't be so it ash? You be a little bit more human and less cyborg? Like,

12:11

it's not in their DNA? You know, it's not, it's not what they want to do. But look, that's a fun conversation when I have the person and the CEO there. And they look at each other like, Oh, hey, yeah, you.

12:25

And then it's all acronyms on both sides. Don't get me wrong. It's on both sides.

12:29

Well, when I asked the question of, Hey, how is it supporting sales today? And they look at me like what? And so those are the types of questions we got to start having? How do we gain that competitive edge for you, you know, I talked to companies all time, especially your sea level, and I say, Look, you put your bid in and another company puts their bid, and I would be touting my cybersecurity posture from the mountaintop. And the reason is, it's going to shadow and put doubt on the company you're going against. Because look, whether it's DoD or its commercial, this is coming companies are asking for your cybersecurity possible policy, they're looking for your system security plan, they want to know that. So

13:09

before they do business, I had a conversation with somebody else on this, and they do island hopping. So if you have vendors, and they're connected to your system, because they want connectivity, if I'ma if I want my vendors to be able to transmit information, I gotta have them connected. So what happens is that they Island hop these these nefarious characters, and they'll try to penetrate the bigger company through those. And again, to your point, you're gonna have to have that conversation, I want you to be secure, right? Well, that's exactly

13:39

what's happening in the defensive supply chain. There is it's no coincidence that our F 35. There's the same f 35 sitting in in China right now, what they do is they grab that small mom car manufacturer that made just make a tiny part. And they ride that all the way to the top. And that's why now the primes are looking down saying, Look, no more. In order for us to give you a contract, you gotta meet these standards. And the government is not joking around anymore. I mean, these manufacturers have to get there. But then the next year.

14:11

It's reasonable. No, I mean, it just it and it's so funny. I struggle with companies talking about cyber, just companies like hey, what do you do? Well, we manufacture widgets. Tell me about your cyber Nope. Not going to talk about it. Yeah. And that conversation, it just, I understand the reality that you don't want to just, you know, air your dirty laundry and be able to do that. But I think at a minimum you need to have trusted individuals that you can have conversation and lock it down.

14:39

Yeah, even when you're attacked, even after your attack. Yeah, absolutely. I was. I was so happy to see here on stage. I don't know. I think it was the first day. The gentleman that THAT'S IT manager for Wilson tool. That that was an amazing story that they told and put their name out there to say Yeah, we were attacked. This is how we handled it. And I Yeah, I know I want. I was like, wow. But I tell you what, that's the important thing is you're telling the community what happened. It only secures all of us together.

15:11

See? And that's, we're getting there. You're getting there. I mean, I love this conversation. No, yeah. I know people get a hold on.

15:19

Yeah. So they can go to Systems X dash x.com They can actually reach me directly at 586-500-1001. And, look, I love having these conversations all day long. It's just a conversation

15:35

is Come on. Let's put our adult pants on. Yeah, let's have this conversation. Here you go. It's gonna be painless. Mike would greatly appreciate it. I like this. Thank you. A better person because of you. There you go. All right. Once again, we're broadcasting from FABTECH here in Atlanta, Georgia. Again, great...