Manufacturers are the back bone of our economy. For three decades the National Institute of Standards and Technology (NIST) and the Manufacturers Extension Partnership (MEP) have been focused on improving competitiveness by creating efficiencies and output for small and medium sized manufacturers in the United States. Since 1988 the NIST MEP program has helped produce close to $100 billion in sales, nearly $16 billion in cost savings, resulting in 800,000 jobs. A noble cause and one of critical importance for our country’s global economic edge and stability.
What is NIST?
NIST is a non-regulatory agency under the Department of Commerce and a vital component of our federal government. The roles of NIST are numerous, widely varied, and critical. However, in this article I am going to focus on one aspect; NIST MEP.
Why is NIST Important?
NIST realized early on that cyber theft and IT security were important to focus on. Our primary adversaries were ahead of us in plotting and planning how to derive economic benefit by stealing and cheating us out of our country’s assets, trade secrets, intellectual property, and cold hard cash (or cryptocurrency).
As a country, we lagged behind creeps, cheats, and thieves in cybercrime innovation. We became a target because of our ability to innovate and create great things in the United States. Our adversaries would rather just steal our ideas and copy them rather than create ideas from scratch.
American Superconductor is an example of IP theft that resulted in significant financial loss for a large organization. For every large business incident there are countless small and medium businesses impacted. Often, cybersecurity and IT security are not a main focus for smaller businesses. Typically small/medium businesses could not survive such a theft of trade secrets of other assets, it would literally put them out of business.
American Superconductor struggled to survive following the Sinovel incident, laying off 70% of its workforce and shutting down their Wisconsin headquarters. Today American Superconductor survives, though they remain much smaller than they were prior to the incident.
How does NIST MEP Help Manufacturers?NIST MEP rose to the occasion around 2013 when they began creating a framework to guide and assist our nations defense against the evils of creeps, cheats and thieves. The “Framework for Improving Critical Infrastructure Cybersecurity Version 1.0” was published by the National Institute of Standards and Technology on February 12, 2014.
Today there is another more specific and updated recommendation available. This one - NIST 800-171 - was developed specifically for the manufacturing sector. In particular, manufacturers involved with the Department of Defense. Why? There is theft of our intellectual property happening on a regular basis. Take a look at this example:
China's Shenyan J-31 stealth fighter (shown on bottom) is the nations latest attempt at a modern fifth-generation stealth fighter. The J-31 rivals the capabilities of the American F-35 Lightning fighter (shown on top) and many believe the J-31 design to be based on technology from the F-35, stolen from the Pentagon.
One may question the necessity of NIST 800-171, DFARS, or the DOD requirements to follow such practices, but seriously, it just makes good sense. We need to protect our nations secrets, assets, and our ability to defend the freedom that we have enjoyed since 1776.