This page contains a Flash digital edition of a book.
MARKETING MATTERS BY THE LAW CAST TIP


Cyber Security and Your Metalcasting Facility W


DAVE RESSER, WEGMAN, HESSLER & VANDERBURG, CLEVELAND


hen the topic of cyber security comes up, many of you might wonder why it


should be considered. After all, if your metalcasting facility is not a “tech” company, why should you worry about cyber security? In our increasingly data-driven world, by default nearly every company is a tech company. Your metalcasting facility may have already been a target for “phishing” schemes via email that lure employees into un- wittingly opening infected files, allow- ing worms or viruses to enter your computer network. More sophisticated “spear phishing” schemes have been found to mimic typical communications that we receive on a regular basis and are quite familiar to us. For example, some attacks look very similar to a request to complete a wire transfer from a known bank. Te e-mail address of the sender also can be familiar to the target, but perhaps one letter has been changed or is missing. An otherwise responsible employee reads the request and then complies with the familiar directions, not noticing that one or two small details are different than the normal activity. In these instances, employee education and awareness can help prevent a good bit of nefarious activity and act as a barrier to those wishing to gain access to your com- puter systems and processes. Other areas of your business also


deserve consideration for cyber secu- rity protection, and these areas often do not require participation from staff members within your metalcast- ing facility. Tink about some of the electronic information that might be located on your servers or otherwise within your control: data stored dur- ing your manufacturing process that includes information about particular heats or individual castings, operat- ing schedules, Standard Operating Procedures, engineering data regard- ing alloy formulations, 3-D models of


molds, etc. Tis data can be valuable to others, or sometimes others simply want to be malicious and destroy the data you control. Take steps to control access to your servers and computer systems as needed. We also need to consider the gold mine to be infiltrated and taken from many computer systems: personal data. Consider whether your serv- ers or other computer systems store data such as Social Security numbers, payroll information, birth dates, and


We don’t want our


way through the automated billing system to the big box retailer. Neither the HVAC contractor nor the retailer had an adequate gatekeeper within the billing system to prevent the electronic but from transferring itself into the big box retailer’s computer system. From the big box retailer’s comput-


metalcasting facilities to be the first link in a chain of


electronic infestations that make their way up and down a supply chain.


health conditions. Human resources files can be a significant prize for hackers, and we need to consider as many potential modes of attack as we can in order to help prevent personal data being taken and used for nefari- ous purposes to the detriment of your employees and associates. As an illustrative example, a big-


box retailer within the last few years was subject to a cyber attack that enabled outside parties to gain access to credit card and debit card informa- tion of customers. In the scheme, an electronic device infected the point- of-sale card readers and then sent the information to an outside computer. How did the card readers get corrupt- ed? It appears the big box retailer has automated, electronic billing proce- dures with its vendors. One vendor— an HVAC contractor—was infected, and the electronic device made its


er system, the electronic bug was able to install itself on the point-of-sale card readers at many, if not all, of the big box retailer’s locations. From that time until discovery of the problem, the offending electronic bug was able to read each card used to purchase goods, and transmit that information to an outside computer. Of course, in hindsight, prevention of the problem and its solutions seem obvious, but with our increas- ingly connected electronic world, it can be difficult to pinpoint each potential entry site for computer worms and viruses. Te point being that we don’t want our metalcasting facilities to be the first link in a chain of electronic infesta- tions that make their way up and down a supply chain. We


should consider how our electronic data and information can be suscep- tible to infection and tampering in order to protect ourselves and oth- ers. Proactive steps now can prevent potential damage and embarrassment down the road. It is a good idea to consult a trusted


Information Technology consultant or even an attorney who is experienced in cyber security issues to determine how best to protect your metalcasting facil- ity from these attacks. Some IT pro- fessionals can provide a standard list of concern areas that you can use for your facility and provide to your vendors and customers. However, please keep in mind that a standard list provided to a vendor might provide little return information. It might be best to tailor the list to particular concerns to be considerate of your business associates’ time and efforts.


September 2016 MODERN CASTING | 41


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60