KM CNC Machine Service
Published

Do a Technology Risk Assessment to Protect Your Shop

The road to protecting your shop’s information starts with a technology risk assessment that identifies areas to protect and areas to consider public knowledge.

Timothy Grace, CIA, CISA, CRISC, Director of Technology Risk Advisory Services , Mueller Prost

Share

State-sponsored hackers, ransomware agents, corporate spies and corporate espionage campaigns are attacking today’s manufacturing technology environments. In most cases, the bad actors never announce themselves. They gain unauthorized access to systems through well-hidden malware, quietly sitting on network devices, watching and recording traffic, data and information to steal or provide them a competitive advantage. In some cases, systems are being used to stage attacks on other organizations or store data for future use. How can a mold shop protect itself from becoming a victim?

With the ever-evolving and diverse range of technology within today’s mold shops, threats to your information are already in place or can be introduced at any time. Executives and company leaders must consider the implications of technology reliance on the organization. They must ensure their organization and customer data is protected and stays confidential, with the integrity intact, while also remaining accessible within the organization.

Three key issues molds should evaluate during a technology risk assessment:

  1. Ability to control cybersecurity.
  2. Ability to upgrade or replace systems. As shops look to stay relevant, they will need to assess their current systems to ensure they are providing an optimized solution. Shops need to upgrade old and outdated systems to newer versions and technology.
  3. Ability to align operations with technology. Today’s business technology needs are quickly outpacing a mold shop’s information technology functions. Executives need to ensure their organization meets the demands of their technology user base to ensure sustained levels of productivity.

Mold shops must not only assess their needs but their technology risk. Without assessing the risk associated with that technology, they may be unaware of potential financial and reputation damage. Privacy issues and cybersecurity breaches often become highly publicized incidents, which can affect your shop’s perceived integrity. Therefore, it is vital that the appropriate controls are in place to protect the confidentiality and accessibility of private information. 

Mold shops must not only assess their needs but their technology risk.

 

Risk Management Essentials

The risk management cycle is continuous and iterative. It begins with a shop identifying the risk universe by reviewing its broadest risk areas. Once they identify the root causes, they can develop action plans to mitigate these issues.

The basic steps of the risk management process include:

1. Identify the opportunities for risk within the shop.

2. Prioritize and filter the universe to quantify the impact, probability and risk tolerance.

3. Evaluate the prioritized risk items within the universe to determine remediation or mitigation strategies. During this evaluation:

  • Develop a corrective action plan to eliminate or mitigate the risk.
  • Determine steps to reduce risk to an acceptable level.
  • Determine whether to transfer the risk to another lower-priority process.
  • Determine whether management has a plan to accept the risk.

4. Monitor each identified risk item in the universe for events or prompts that indicate a change in the risk environment or control infrastructure.

5. Revalidate risk for changes or additions in the risk universe.

 

Technology Risk Assessment Timing

A shop can perform a technology risk assessment at any time, but there are certain indicators for the most appropriate time. Here are some suggestions:

  • Annually to support the development of a multi-year, risk-based technology audit plan.
  • When new technology risks or challenges are introduced into the business or technology environment.
  • When organizational changes occur.
  • Along with strategic actions such as mergers, acquisitions, outsourcing or off-shoring.
  • During operational initiatives including organizational restructuring, changes in technology use and new applications of technology.
  • When market condition changes such as growth, globalization, downsizing or stagnation.
  • When the use of technology is reactive and is not keeping pace with business demands.
  • When new or updated mandates are introduced (Sarbanes-Oxley, privacy, cybersecurity or internal controls regulations or industry standards).

A shop can also use a risk assessment for technology optimization, process improvement, resource focus, valuation services and due diligence reviews.

 

If your business has not performed a technology risk assessment, or if an existing assessment is more than a year old, now is a good time to contact your advisor.

 

Without a technology risk assessment and the corresponding remediation or mitigation actions, a shop may be vulnerable to an increasing range of threats that may result in legal liability, financial impact, regulatory non-compliance (state, federal, international), reputation damage, diminished resiliency, reduced reliability or lack of integrity.

The vulnerabilities uncovered by a technology risk assessment if not mitigated could also result in a decrease in your tool shop’s valuation, impacting stock value, equity, borrowing power, liquidity or a potential merger or acquisition. Vulnerabilities could also disrupt strategic alliances, joint ventures or result in a loss of client revenues.

Technology risk assessments are key components of risk management, and they are essential to identifying the danger zones in your business and effectively control these risks. Regularly scheduled technology risk assessments should be used to update risk management plans and programs and to monitor the progress of the organization’s overall technology risk management program.

If your business has not performed a technology risk assessment, or if an existing assessment is more than a year old, now is a good time to contact your advisor.

About the Author

Timothy M. Grace, CIA, CISA, CISM, CRISC, is the director of technology risk advisory services for Mueller Prost. Michael J. Devereux II, CPA, CMP, is a partner and director of manufacturing, distribution and plastics industry services.

 

 

For More Information

 

Mueller Prost

314-862-2070

tgrace@muellerprost.com

mdevereux@muellerprost.com

muellerprost.com

 

Date Code Inserts
Bonal Meta-Lax Stress Relief Solution
Data Flute
North America’s Premier Molding and Moldmaking Event
KM CNC Machine Service
Techspex
MMT Today enews
MoldMaking Technology Magazine

Related Content

Medical

Predictive Manufacturing Moves Mold Builder into Advanced Medical Component Manufacturing

From a hot rod hobby, medical molds and shop performance to technology extremes, key relationships and a growth strategy, it’s obvious details matter at Eden Tool.

Read More

Mold Design Review: The Complete Checklist

Gerardo (Jerry) Miranda III, former global tooling manager for Oakley sunglasses, reshares his complete mold design checklist, an essential part of the product time and cost-to-market process.

Read More

Dynamic Tool Corporation – Creating the Team to Move Moldmaking Into the Future

For 40+ years, Dynamic Tool Corp. has offered precision tooling, emphasizing education, mentoring and innovation. The company is committed to excellence, integrity, safety and customer service, as well as inspiring growth and quality in manufacturing.

Read More

The Trifecta of Competitive Toolmaking

Process, technology and people form the foundations of the business philosophy in place at Eifel Mold & Engineering.

Read More

Read Next

3D Printing

Are You a Moldmaker Considering 3D Printing? Consider the 3D Printing Workshop at NPE2024

Presentations will cover 3D printing for mold tooling, material innovation, product development, bridge production and full-scale, high-volume additive manufacturing. 

Read More
Cutting Tools

How to Use Continuing Education to Remain Competitive in Moldmaking

Continued training helps moldmakers make tooling decisions and properly use the latest cutting tool to efficiently machine high-quality molds.

Read More
Maintenance & Repair

Reasons to Use Fiber Lasers for Mold Cleaning

Fiber lasers offer a simplicity, speed, control and portability, minimizing mold cleaning risks.

Read More
Top 5 Reasons