A Q&A on Cybersecurity with Paragon D&E
Cybersecurity continues to be a critical issue for manufacturers, and after touring Paragon D&E a while back I knew they had things in order. So, I reached out to President David Muir to see how they handle cyber threats.
Cybersecurity continues to be a critical issue for manufacturers, and after touring Paragon D&E—a full-service tooling and machining company in Grand Rapids, MI—a while back, I knew they had things in order. So, I reached out to President David Muir to see how they handle cyber threats.
MoldMaking Technology (MMT): Why is it important for Paragon (and any mold builder) to have a solid handle on cybersecurity?
David Muir, President, Paragon D&E: As our systems continue to become more and more connected to systems around the world, the opportunities for an attacker to gain access to your network continue to grow. The attackers are no longer individuals working alone to try to steal something or cause destruction. Instead we’re trying to protect against highly financed groups including organized crime, companies engaged in industrial espionage, and even government agents and agencies. At the same, customers are becoming ever more aware of the threat and expect their information to be secure, and in some cases want to know what you are doing to keep it secure. With the growing frustration with the failure to keep data secure, the damage to reputation, the cost of investigating and addressing a breach, and potential legal ramifications continue to raise the risk of not addressing the threat.
MMT: Have you experienced any type of threat or attack on your systems or data?
Muir: The biggest threat we are forced to deal with is phishing emails. Despite email protection continuing to advance, and implementation of new technologies such as machine learning, we still receive several, sometimes dozens, of phishing attempts each day.
MMT: What hardware and software are essential?
Muir: A properly configured firewall is absolutely necessary. In addition, we have several virtual appliances monitoring network activity, user activity, and audit logs. Endpoint protection is a must. A good backup system can keep a bad situation, a system that’s been encrypted by ransomware for example, from becoming a major problem. From there, there are many tools available. It was recommended to us that we start with a system to perform log collection and analysis to alert us of unusual activity. We’ve implemented many additional systems as well to continue to strengthen our ability to detect, prevent, and contain any threat.
MMT: What personnel and training is key?
Muir: Employee education is key to even have a chance. They need to understand the importance and consequences of a breach, both at the company and at home. They need to be taught best practices for staying safe. And they need to be educated repeatedly on the types of threats they are likely to encounter with real life examples. There are many resources available to help.
MMT: What are some initial steps a mold shop should take for cybersecurity?
Muir: Start with the basics: a firewall, endpoint protection, backups, and employee training. Follow best practices. Security always comes at the cost of inconvenience, but you can no longer afford for that to be the excuse. Find the balance that fits your company, but then do it and stick to it. Make sure you have a Security Response Plan to handle any incident and a Data Breach Response Plan in the event you discover you’ve been compromised.
For More Information
Finding, Training & Retaining Employees, Part 13
The 5S system is a working tool for ISO 9001:2015 that was developed to help mangers and work personnel systematically achieve greater organization, standardization, efficiency and safety in the workplace.
Using aluminum tooling instead of traditional tools steels reduces cycle time and costs, but requires up-front, open communications between moldmaker, molder, material supplier and hot runner manifold supplier.