Racine Metal-Fab (RMF) is a fabrication company founded in 1968 and located in Sturtevant, Wisconsin. The company works with light-gauge materials to produce products for the lighting, technology, and medical industries. It specializes in sheet metal fabrication and, in addition to production, offers prototyping and engineering services.
Given the constant stream of headlines regarding hacking and ransomware incidents, leaders at RMF were motivated to learn more about the topic of cybersecurity. They attended Wipfli webinars and spoke with Wipfli cyber risk experts. Recognizing the potential risks to manufacturing in general—and to its company in particular—RMF engaged Wipfli to address two main questions:
- Where was the company exposed to cybersecurity threats?
- How would it respond to a cyber incident?
Taking a phased approach, Wipfli conducted external and internal vulnerability assessments as well as social engineering email phishing tests to give RMF a baseline on where potential compromises and gaps existed, with technical and business perspectives. Reviewing the results with RMF leaders, Wipfli identified, categorized, and prioritized the various vulnerabilities we found, ranging from software updates to end-of-life equipment to employee training. The review further included recommendations on how best to address the findings.
Wipfli then worked with RMF to develop an incident response plan that included necessary steps for addressing data loss. In addition, Wipfli enrolled RMF in a fraud and incident hotline to accommodate tips and delivered employee training to develop greater security awareness.
RMF received a Cybersecurity Risk Roadmap, giving the company a well-thought-out, phased approach for mitigating risks and gaining the peace of mind that comes with security insight and assurance.
Because of the assessments, RMF proactively reduced its risks by identifying hotspot vulnerabilities. It eliminated the easy-to-address ones right away and developed a workable plan for addressing the others based on priority. The company now also has a well-conceived incident response plan. The plan serves as an effective framework, giving the manufacturer the ability to identify and fix any breach quickly for faster recovery and communications.
Employee training and RMF leadership have now established a strong culture of security awareness, further mitigating the most common risk to security—the human factor.