Difference between revisions of "User:Shawndouglas/sandbox/sublevel8"

From LIMSWiki
Jump to navigationJump to search
Tag: Reverted
 
(49 intermediate revisions by the same user not shown)
Line 7: Line 7:


==Sandbox begins below==
==Sandbox begins below==
<div class="nonumtoc">__TOC__</div>
Material testing can focus on specific industries (e.g., automotive, construction, and pharmaceutical), products (e.g., car seats, asphalt, and medical devices), or raw materials (e.g., steel, gravel, and zirconia ceramic).
==1. What is a cybersecurity plan and why do you need it?==
===1.1 Cybersecurity planning and its value===
[[File:Cyber table with source.png|right|500px]]From law firms<ref name="SobowaleLaw17">{{cite web |url=https://www.abajournal.com/magazine/article/managing_cybersecurity_risk/ |title=Law firms must manage cybersecurity risks |author=Sobowale, J. |work=ABA Journal |publisher=American Bar Association |date=01 March 2017 |accessdate=01 March 2023}}</ref> to automotive manufacturers<ref name="WatneyAddress17">{{cite web |url=https://www.rstreet.org/wp-content/uploads/2018/04/118-1.pdf |format=PDF |title=Addressing new challenges in automotive cybersecurity |author=Watney, C.; Draffin, C. |work=R Street Policy Study No. 118 |publisher=R Street Institute |date=November 2017 |accessdate=01 March 2023}}</ref>, the need to address [[cybersecurity]] is increasingly apparent. Various sources report anywhere between six to eight trillion dollars as the global cost of cybercrime in 2022<ref name="MorganTop1023">{{cite web |url=https://cybersecurityventures.com/top-5-cybersecurity-facts-figures-predictions-and-statistics-for-2021-to-2025/ |title=Top 10 Cybersecurity Predictions And Statistics For 2023 |author=Morgan, S. |work=Cybercrime Magazine |date=10 December 2022 |accessdate=01 March 2023}}</ref><ref name="AmugeCyber23">{{cite web |url=https://www.businessamlive.com/cyber-security-revenue-to-hit-262bn-in-2027-as-cybercrime-rises/ |title=Cyber security revenue to hit $262bn in 2027 as cybercrime rises |author=Amuge, O. |work=Business a.m. |date=09 January 2023 |accessdate=01 March 2023}}</ref><ref name="FleckCyber22">{{cite web |url=https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027/ |title=Cybercrime Expected To Skyrocket in Coming Years |author=Fleck, A. |publisher=Statista |date=02 December 2022 |accessdate=01 March 2023}}</ref>, though due to underreporting of crimes, that number may be much higher. That number also likely doesn't take into account lost business, fines, litigation, and intangible losses<ref name="SBDCC_BlogCost17">{{cite web |url=https://www.virginiasbdc.org/blog-cost-of-cyber-crime-to-small-businesses/ |archiveurl=https://web.archive.org/web/20201227041535/https://www.virginiasbdc.org/blog-cost-of-cyber-crime-to-small-businesses/ |title=BLOG: Cost of Cyber Crime to Small Businesses |work=Virginia SBDC Blog |publisher=Virginia SBDC |date=30 May 2017 |archivedate=27 December 2020 |accessdate=01 March 2023}}</ref> By 2025, the global damage estimate is expected to be $10.5 trillion annually.<ref name="MorganTop1023" /> In the end, businesses of all sizes average about $4.35 million globally in losses due to a cybersecurity incident ($9.44M just in the United States)<ref name="IBMCost22">{{cite web |url=https://www.ibm.com/reports/data-breach |title=Cost of a data breach 2022: A million-dollar race to detect and respond |publisher=IBM |date=2022 |accessdate=01 March 2023}}</ref>, and nearly 60 percent of small and midsize businesses go bankrupt within six months because of it.<ref name="Galvin60_18">{{cite web |url=https://www.inc.com/joe-galvin/60-percent-of-small-businesses-fold-within-6-months-of-a-cyber-attack-heres-how-to-protect-yourself.html |title=60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack. Here's How to Protect Yourself |author=Galvin, J. |work=Inc.com |date=07 May 2018 |accessdate=01 March 2023}}</ref>


And while large enterprises often grab the headlines after a cybersecurity breach, small businesses of all types are also subject to cyber crimes, and they too aren't doing enough to protect themselves. Juniper Research reports that despite small businesses making up over 99 percent of all companies, approximately 13 percent of overall cybersecurity spending came from those small businesses in 2018, amounting to about $500 per business.<ref name="JuniperCyber18">{{cite web |url=https://www.juniperresearch.com/press/press-releases/cybersecurity-breaches-to-result-in-over-146-bn |title=Cybersecurity Breaches to Result in over 146 Billion Records Being Stolen by 2023 |publisher=Juniper Research |date=08 August 2018 |accessdate=23 July 2020}}</ref> By 2023, that number was $1,500 or less for nearly half of all small businesses.<ref name="Rahmonbek35Alarm23">{{cite web |url=https://www.strongdm.com/blog/small-business-cyber-security-statistics |title=35 Alarming Small Business Cybersecurity Statistics for 2023 |author=Rahmonbek, K. |work=StrongDM Blog |date=22 February 2023 |accessdate=01 March 2023}}</ref> Finally, in 2022, small businesses were targeted by cyber attackers 43% of the time, yet only 14% said they were prepared to defend themselves.<ref name="Mclean2023Must23">{{cite web |url=https://www.embroker.com/blog/cyber-attack-statistics/ |title=2023 Must-Know Cyber Attack Statistics and Trends |author=Mclean, M. |work=Embroker Blog |date=02 January 2023 |accessdate=01 March 2023}}</ref>
About chemical testing of raw materials https://a2la.org/accreditation/chemical-testing/


Even the tiniest of businesses face cybersecurity risks today. The independent contractor with a WordPress-based website that advertises their knowledge and skills must still ensure all website plugins and themes are updated and install security plugins to close potential vulnerabilities in the software. Without these precautions, hackers could spread malware, steal user data, add the website to a bot network, hack the site for the learning experience, or even hack it just for fun.<ref name="GrimaTop19">{{cite web |url=https://www.wpwhitesecurity.com/why-malicious-hacker-target-wordpress/ |title=Top reasons why WordPress websites get hacked (and how you can stop it) |author=Grima, M. |publisher=WP White Security |date=18 January 2023 |accessdate=01 March 2023}}</ref><ref name="MoenWhatHack16">{{cite web |url=https://www.wordfence.com/blog/2016/04/hackers-compromised-wordpress-sites/ |title=What Hackers Do With Compromised WordPress Sites |author=Moen, D. |work=Wordfence Blog |publisher=Defiant, Inc |date=19 April 2016 |accessdate=01 March 2023}}</ref><ref name="TalalevWebsite19">{{cite web |url=https://patchstack.com/articles/website-hacking-statistics/ |title=Website Hacking Statistics You Should Know in 2022 |author=Talaleve, A. |work=Patchstack |publisher=WebARX |date=22 February 2021 |accessdate=01 March 2023}}</ref>
Material testing domains:
* Aerospace
**Adhesives
**Composites
**Fasteners
**Paints and primers
**Sealants
**Etc.
*Automotive
**Adhesives
**Coatings
**Foams
**Lighting and high-visibility solutions
**Plastics
**Seating
**Etc.
*Carbon
**Activated carbon
**Coal tar
**Etc.
*Coatings, linings, and sealants
**Ceramic coatings
**Metal coatings
**Pipe linings
**Thermal sprays
**Etc.
*Construction and engineering
**Asphalt
**Brick and tile
**Fasteners
**Fenestration and glazing products (i.e., windows, doors, glass)
**Geosynthetics
**Plumbing
**Soil
**Etc.
* Insulation, foam, and composites
**Fiberglass
**Flexible and laminate urethane foam composite
**Polyester resins
**Etc.
*Lubricants and thickeners
**Metallic stearates
**Powdered metal
**Pre-formed grease thickeners
**Etc.
* Medical devices
**Ceramics
**Metals
**Screws
**Etc.
*Metals
**Aluminum
**Castings
**Copper
**Rebar
**Steel
**Tubing
**Welds
**Zinc
**Etc.
* Packaging and labeling
**Cardboard
**Label adhesives
**Pharmaceutical packaging
**Sterile barrier materials
**Etc.
* Paints and oils
**Interior/Exterior paints
**Organic coatings
**Paint on parts
**Transformer oil
**Etc.
* Paper
**Cellulose paper tape
**Crepe paper and tubes
**Kraft paper
**Pressboard
**Etc.
*Polymers and plastics
**Biopolymers
**Condoms and gloves
**Payment cards
**O-rings
**[https://www.sciencedirect.com/science/article/pii/S1751616121005105 Silicone-based biological tissue mimics]
**Thermoplastic resins
**Etc.
* Raw materials
**Food and beverage ingredients
**Elemental material
**Pharmaceutical ingredients
**Etc.
* Reference materials
**Cannabinoids
**Coals and cokes
**Elemental gasses
**Isotope reference material
**Organic analytical reference material
**Pesticides
**Etc.
*Rubbers
**Bump stops
**Gloves
**Neoprene
**Silicone
**Tires
**Etc.
*Electronics and energy devices
**Batteries
**Semiconductors
**Solar panels
**Transformers
**Etc.
*Textiles
**Carpet
**Drapery
**Non-woven fabrics
**Upholstery
**Etc.
*Wood
**Dowel
**Flooring
**Lumber
**Medium-density fibreboard (MDF)
**Etc.


As for larger companies, a late 2018 audit of Fortune 500 companies found a mix of good and bad news: they're doing better at reducing the number of entry points for hackers to enter their systems, yet their systems remain susceptible to fraudulent emails containing malware.<ref name="UchillFortune18">{{cite web |url=https://www.axios.com/2018/12/11/fortune-500-cybersecurity-email-security |title=Fortune 500 cybersecurity is better and worse than you'd think |author=Uchill, J. |publisher=Axios |date=11 December 2018 |accessdate=01 March 2023}}</ref> Things weren't much better for the Fortune 500, with the average company having 476 critical vulnerabilities among its public and internet-facing assets in late 2022.<ref name="GoldmanAverage22">{{cite web |url=https://www.esecurityplanet.com/threats/fortune-500-critical-vulnerabilities/ |title=Average Fortune 500 Company Has 476 Critical Vulnerabilities |author=Goldman, J. |work=eSecurity Planet |date=07 December 2022 |accessdate=01 March 2023}}</ref> Additionally, Fortune 500 companies are still lagging behind in being publicly transparent in showing a commitment to cybersecurity and protecting customer data.<ref name="StahieFortune19">{{cite web |url=https://securityboulevard.com/2019/10/fortune-500-companies-take-cyber-security-for-granted/ |title=Fortune 500 Companies Take Cyber Security for Granted |author=Stahie, S. |work=Security Boulevard |date=04 October 2019 |accessdate=01 March 2023}}</ref><ref name="BitglassThecloud19">{{cite web |url=https://pages.bitglass.com/rs/418-ZAL-815/images/Bitglass_TheCloudfathers_Fortune500.pdf |format=PDF |title=The Cloudfathers: An Analysis of Cybersecurity in the Fortune 500 |publisher=Bitglass |date=2019 |accessdate=01 March 2023}}</ref> On a broader scale, roughly 60 to 70 percent of all companies are still ill-prepared for cyber threats, either not having an up-to-date cybersecurity strategy or having no plan at all.<ref name="Galvin60_18" /><ref name="TalalevWebsite19" /> By all appearances, businesses still aren't doing enough to protect themselves and their customer's data despite the fact that cybercrime appears to only be getting worse for everyone.
Test method developers:
 
* Aerospace Industries Association (AIA/NAS/NASM)
The most solid first steps any organization or individual can take to limit the potential effects of cybercrime is to learn more about the threat and to develop some sort of cybersecurity strategy. For most organizations, this means developing a cybersecurity plan that boasts solid policies and security controls.
* American Architectural Manufacturers Association (AAMA)
 
* American Association of State Highway and Transportation Officials (AASHTO)
A cybersecurity plan is a developed, distributed, reviewed, updated, and protected collection of assessments, analyses, requirements, controls, goals, policies, performance indicators, and metrics that shapes how an organization protects against and responds to cybersecurity threats. Developing a cybersecurity plan is not a simple process; it requires expertise, resources, and diligence. Even a simple plan may involve several months of development, more depending on the complexity involved. The time it takes to develop the plan may also be impacted by how much executive support is provided, the size of the development team (bigger is not always better), and how available required resources are.<ref name="NARUCCyber18">{{cite web |url=https://pubs.naruc.org/pub/8C1D5CDD-A2C8-DA11-6DF8-FCC89B5A3204 |format=PDF |title=Cybersecurity Strategy Development Guide |author=Cadmus Group, LLC |publisher=National Association of Regulatory Utility Commissioners |date=30 October 2018 |accessdate=01 March 2023}}</ref>
* American Association of Textile Chemists and Colorists (AATCC)
 
* American Institute of Timber Construction (AITC)
This guide attempts to assist organizations and individuals with overcoming the involved complexities of cybersecurity plan development and preventing becoming another cybersecurity statistic. It addresses the major regulations, standards, and standards frameworks related to cybersecurity, with a focus in particular on the National Institute of Standards and Technology's (NIST's) Special Publication 800-53, Revision 5: ''Security and Privacy Controls for Information Systems and Organizations''. Also addressed is how to best incorporate a cybersecurity framework and controls into your plan development. At it's heart, this guide includes a comprehensive 10-step plan of attack for developing a cybersecurity plan, followed by closing comments. The end of this guide includes an appendix containing a slightly more simplified wording of NIST's most popular cybersecurity controls, as well as mappings to this wiki's own [[LII:LIMSpec 2022 R2|LIMSpec]], an evolving set of specifications for [[laboratory informatics]] solutions and their development.
* American National Standards Institute (ANSI)
 
* American Petroleum Institute (API)
Note that this guide has been written with the intent to broadly cover multiple industries. However, it does have a slight lean towards [[Laboratory|laboratories]], particularly those implementing information systems. Despite that, there should be sufficient information contained herein to be helpful to most people attempting to navigate the challenges of consistently applying cybersecurity goals and policies to their organization.
* American Society of Mechanical Engineers (ASME)
 
* American Welding Society (AWS)
==References==
* American Wood Protection Association (AWPA)
{{Reflist|colwidth=30em}}
* AOAC International (Association of Official Agricultural Chemists; AOAC)
* ASTM International (ASTM)
* Automakers (Ford, GM, Honda, PACCAR, Peugeot, Subaru, Tesla, Toyota, Volvo, etc.)
* Canadian Standards Association (CSA)
* Chemical Fabrics & Film Association (CFFA)
* Consumer Product Safety Commission (CPSC)
* Deutsches Institut für Normung (DIN)
* Electronic Components Industry Association (ECIA/EIA)
* European Telecommunications Standards Institute (ETSI)
* Federal Motor Vehicle Safety Standard (FMVSS)
* FM Approvals (FM)
* GE Aerospace (GE)
* Government and military (MIL, [https://fedspecs.gsa.gov/s/federal-standards Fed], Consumer Product Safety Commission, CSFA, EPA, FDA, MMM, NAVSEA, United Nations Economic Commission for Europe, etc.)
* Industrial Fasteners Institute (IFI)
* Institute of Electrical and Electronics Engineers (IEEE)
* International Atomic Energy Agency (IAEA) ([https://www.iaea.org/topics/material-analysis 1], [https://www.iaea.org/topics/other-non-destructive-testing 2], [https://www.iaea.org/topics/materials 3])
* International Code Council (ICC-ES)
* International Electrotechnical Commission (IEC)
* International Maritime Organization (IMO)
* International Organization for Standardization (ISO)
* International Safe Transit Association (ISTA)
* IPC International (Institute for Interconnecting and Packaging Electronic Circuits; IPC)
* Japanese Standards Association (JAS/JIS)
* NACE International (National Association of Corrosion Engineers; NACE)
* National Fire Protection Association (NFPA)
* [https://www.dot.ny.gov/divisions/engineering/structures/manuals/scm/repository/SCM_4th_Edition_1-2018.pdf New York State Steel Construction Manual (NNSSCM/SCM)]
* NSF International (National Sanitation Foundation; NSF)
* Pressure Sensitive Tape Council (PSTC)
* Radio Technical Commission for Aeronautics (RTCA)
* Suppliers of Advanced Composite Materials Association (SACMA)
* SAE International (SAE/AMS/AS)
* TAPPI (Technical Association of the Pulp and Paper Industry; TAPPI)
* Truss Plate Institute (TPI)
* UL Standards and Engagement (UL)
* United States Pharmacopeia Convention (USP)

Latest revision as of 18:07, 20 September 2023

Sandbox begins below

Material testing can focus on specific industries (e.g., automotive, construction, and pharmaceutical), products (e.g., car seats, asphalt, and medical devices), or raw materials (e.g., steel, gravel, and zirconia ceramic).

About chemical testing of raw materials https://a2la.org/accreditation/chemical-testing/

Material testing domains:

  • Aerospace
    • Adhesives
    • Composites
    • Fasteners
    • Paints and primers
    • Sealants
    • Etc.
  • Automotive
    • Adhesives
    • Coatings
    • Foams
    • Lighting and high-visibility solutions
    • Plastics
    • Seating
    • Etc.
  • Carbon
    • Activated carbon
    • Coal tar
    • Etc.
  • Coatings, linings, and sealants
    • Ceramic coatings
    • Metal coatings
    • Pipe linings
    • Thermal sprays
    • Etc.
  • Construction and engineering
    • Asphalt
    • Brick and tile
    • Fasteners
    • Fenestration and glazing products (i.e., windows, doors, glass)
    • Geosynthetics
    • Plumbing
    • Soil
    • Etc.
  • Insulation, foam, and composites
    • Fiberglass
    • Flexible and laminate urethane foam composite
    • Polyester resins
    • Etc.
  • Lubricants and thickeners
    • Metallic stearates
    • Powdered metal
    • Pre-formed grease thickeners
    • Etc.
  • Medical devices
    • Ceramics
    • Metals
    • Screws
    • Etc.
  • Metals
    • Aluminum
    • Castings
    • Copper
    • Rebar
    • Steel
    • Tubing
    • Welds
    • Zinc
    • Etc.
  • Packaging and labeling
    • Cardboard
    • Label adhesives
    • Pharmaceutical packaging
    • Sterile barrier materials
    • Etc.
  • Paints and oils
    • Interior/Exterior paints
    • Organic coatings
    • Paint on parts
    • Transformer oil
    • Etc.
  • Paper
    • Cellulose paper tape
    • Crepe paper and tubes
    • Kraft paper
    • Pressboard
    • Etc.
  • Polymers and plastics
  • Raw materials
    • Food and beverage ingredients
    • Elemental material
    • Pharmaceutical ingredients
    • Etc.
  • Reference materials
    • Cannabinoids
    • Coals and cokes
    • Elemental gasses
    • Isotope reference material
    • Organic analytical reference material
    • Pesticides
    • Etc.
  • Rubbers
    • Bump stops
    • Gloves
    • Neoprene
    • Silicone
    • Tires
    • Etc.
  • Electronics and energy devices
    • Batteries
    • Semiconductors
    • Solar panels
    • Transformers
    • Etc.
  • Textiles
    • Carpet
    • Drapery
    • Non-woven fabrics
    • Upholstery
    • Etc.
  • Wood
    • Dowel
    • Flooring
    • Lumber
    • Medium-density fibreboard (MDF)
    • Etc.

Test method developers:

  • Aerospace Industries Association (AIA/NAS/NASM)
  • American Architectural Manufacturers Association (AAMA)
  • American Association of State Highway and Transportation Officials (AASHTO)
  • American Association of Textile Chemists and Colorists (AATCC)
  • American Institute of Timber Construction (AITC)
  • American National Standards Institute (ANSI)
  • American Petroleum Institute (API)
  • American Society of Mechanical Engineers (ASME)
  • American Welding Society (AWS)
  • American Wood Protection Association (AWPA)
  • AOAC International (Association of Official Agricultural Chemists; AOAC)
  • ASTM International (ASTM)
  • Automakers (Ford, GM, Honda, PACCAR, Peugeot, Subaru, Tesla, Toyota, Volvo, etc.)
  • Canadian Standards Association (CSA)
  • Chemical Fabrics & Film Association (CFFA)
  • Consumer Product Safety Commission (CPSC)
  • Deutsches Institut für Normung (DIN)
  • Electronic Components Industry Association (ECIA/EIA)
  • European Telecommunications Standards Institute (ETSI)
  • Federal Motor Vehicle Safety Standard (FMVSS)
  • FM Approvals (FM)
  • GE Aerospace (GE)
  • Government and military (MIL, Fed, Consumer Product Safety Commission, CSFA, EPA, FDA, MMM, NAVSEA, United Nations Economic Commission for Europe, etc.)
  • Industrial Fasteners Institute (IFI)
  • Institute of Electrical and Electronics Engineers (IEEE)
  • International Atomic Energy Agency (IAEA) (1, 2, 3)
  • International Code Council (ICC-ES)
  • International Electrotechnical Commission (IEC)
  • International Maritime Organization (IMO)
  • International Organization for Standardization (ISO)
  • International Safe Transit Association (ISTA)
  • IPC International (Institute for Interconnecting and Packaging Electronic Circuits; IPC)
  • Japanese Standards Association (JAS/JIS)
  • NACE International (National Association of Corrosion Engineers; NACE)
  • National Fire Protection Association (NFPA)
  • New York State Steel Construction Manual (NNSSCM/SCM)
  • NSF International (National Sanitation Foundation; NSF)
  • Pressure Sensitive Tape Council (PSTC)
  • Radio Technical Commission for Aeronautics (RTCA)
  • Suppliers of Advanced Composite Materials Association (SACMA)
  • SAE International (SAE/AMS/AS)
  • TAPPI (Technical Association of the Pulp and Paper Industry; TAPPI)
  • Truss Plate Institute (TPI)
  • UL Standards and Engagement (UL)
  • United States Pharmacopeia Convention (USP)