Forget about long angle pins & hydraulic cylinders
Published

Do a Technology Risk Assessment to Protect Your Shop

The road to protecting your shop’s information starts with a technology risk assessment that identifies areas to protect and areas to consider public knowledge.

Timothy Grace, CIA, CISA, CRISC, Director of Technology Risk Advisory Services , Mueller Prost

Share

State-sponsored hackers, ransomware agents, corporate spies and corporate espionage campaigns are attacking today’s manufacturing technology environments. In most cases, the bad actors never announce themselves. They gain unauthorized access to systems through well-hidden malware, quietly sitting on network devices, watching and recording traffic, data and information to steal or provide them a competitive advantage. In some cases, systems are being used to stage attacks on other organizations or store data for future use. How can a mold shop protect itself from becoming a victim?

With the ever-evolving and diverse range of technology within today’s mold shops, threats to your information are already in place or can be introduced at any time. Executives and company leaders must consider the implications of technology reliance on the organization. They must ensure their organization and customer data is protected and stays confidential, with the integrity intact, while also remaining accessible within the organization.

Three key issues molds should evaluate during a technology risk assessment:

  1. Ability to control cybersecurity.
  2. Ability to upgrade or replace systems. As shops look to stay relevant, they will need to assess their current systems to ensure they are providing an optimized solution. Shops need to upgrade old and outdated systems to newer versions and technology.
  3. Ability to align operations with technology. Today’s business technology needs are quickly outpacing a mold shop’s information technology functions. Executives need to ensure their organization meets the demands of their technology user base to ensure sustained levels of productivity.

Mold shops must not only assess their needs but their technology risk. Without assessing the risk associated with that technology, they may be unaware of potential financial and reputation damage. Privacy issues and cybersecurity breaches often become highly publicized incidents, which can affect your shop’s perceived integrity. Therefore, it is vital that the appropriate controls are in place to protect the confidentiality and accessibility of private information. 

Mold shops must not only assess their needs but their technology risk.

 

Risk Management Essentials

The risk management cycle is continuous and iterative. It begins with a shop identifying the risk universe by reviewing its broadest risk areas. Once they identify the root causes, they can develop action plans to mitigate these issues.

The basic steps of the risk management process include:

1. Identify the opportunities for risk within the shop.

2. Prioritize and filter the universe to quantify the impact, probability and risk tolerance.

3. Evaluate the prioritized risk items within the universe to determine remediation or mitigation strategies. During this evaluation:

  • Develop a corrective action plan to eliminate or mitigate the risk.
  • Determine steps to reduce risk to an acceptable level.
  • Determine whether to transfer the risk to another lower-priority process.
  • Determine whether management has a plan to accept the risk.

4. Monitor each identified risk item in the universe for events or prompts that indicate a change in the risk environment or control infrastructure.

5. Revalidate risk for changes or additions in the risk universe.

 

Technology Risk Assessment Timing

A shop can perform a technology risk assessment at any time, but there are certain indicators for the most appropriate time. Here are some suggestions:

  • Annually to support the development of a multi-year, risk-based technology audit plan.
  • When new technology risks or challenges are introduced into the business or technology environment.
  • When organizational changes occur.
  • Along with strategic actions such as mergers, acquisitions, outsourcing or off-shoring.
  • During operational initiatives including organizational restructuring, changes in technology use and new applications of technology.
  • When market condition changes such as growth, globalization, downsizing or stagnation.
  • When the use of technology is reactive and is not keeping pace with business demands.
  • When new or updated mandates are introduced (Sarbanes-Oxley, privacy, cybersecurity or internal controls regulations or industry standards).

A shop can also use a risk assessment for technology optimization, process improvement, resource focus, valuation services and due diligence reviews.

 

If your business has not performed a technology risk assessment, or if an existing assessment is more than a year old, now is a good time to contact your advisor.

 

Without a technology risk assessment and the corresponding remediation or mitigation actions, a shop may be vulnerable to an increasing range of threats that may result in legal liability, financial impact, regulatory non-compliance (state, federal, international), reputation damage, diminished resiliency, reduced reliability or lack of integrity.

The vulnerabilities uncovered by a technology risk assessment if not mitigated could also result in a decrease in your tool shop’s valuation, impacting stock value, equity, borrowing power, liquidity or a potential merger or acquisition. Vulnerabilities could also disrupt strategic alliances, joint ventures or result in a loss of client revenues.

Technology risk assessments are key components of risk management, and they are essential to identifying the danger zones in your business and effectively control these risks. Regularly scheduled technology risk assessments should be used to update risk management plans and programs and to monitor the progress of the organization’s overall technology risk management program.

If your business has not performed a technology risk assessment, or if an existing assessment is more than a year old, now is a good time to contact your advisor.

About the Author

Timothy M. Grace, CIA, CISA, CISM, CRISC, is the director of technology risk advisory services for Mueller Prost. Michael J. Devereux II, CPA, CMP, is a partner and director of manufacturing, distribution and plastics industry services.

 

 

For More Information

 

Mueller Prost

314-862-2070

tgrace@muellerprost.com

mdevereux@muellerprost.com

muellerprost.com

 

Progressive Components
MMT Today enews
Techspex
Maximum Mold Precision
KM CNC Machine Service
Forget about long angle pins & hydraulic cylinders
MoldMaking Technology Magazine
Techspex

Related Content

How to Improve Your Current Efficiency Rate

An alternative approach to taking on more EDM-intensive work when technology and personnel investment is not an option.

Read More
Five Axis

Predictive Manufacturing Moves Mold Builder into Advanced Medical Component Manufacturing

From a hot rod hobby, medical molds and shop performance to technology extremes, key relationships and a growth strategy, it’s obvious details matter at Eden Tool.

Read More

Mold Design Review: The Complete Checklist

Gerardo (Jerry) Miranda III, former global tooling manager for Oakley sunglasses, reshares his complete mold design checklist, an essential part of the product time and cost-to-market process.

Read More
Case Study

OEE Monitoring System Addresses Root Cause of Machine Downtime

Unique sensor and patent-pending algorithm of the Amper machine analytics system measures current draw to quickly and inexpensively inform manufacturers which machines are down and why.

Read More

Read Next

Workforce Development

How to Use Continuing Education to Remain Competitive in Moldmaking

Continued training helps moldmakers make tooling decisions and properly use the latest cutting tool to efficiently machine high-quality molds.

Read More
3D Printing

Are You a Moldmaker Considering 3D Printing? Consider the 3D Printing Workshop at NPE2024

Presentations will cover 3D printing for mold tooling, material innovation, product development, bridge production and full-scale, high-volume additive manufacturing. 

Read More
Maximum Mold Precision