The importance of holistic cybersecurity for the food industry
By Quade Nettles, Global Cyber Security Services Portfolio Manager at Rockwell Automation
A long-standing myth in the manufacturing world is that manufacturing systems are not a target. What benefits a hacker to enter and play with the controls that create a cookie packet? Unless corporate espionage, there is not much to be gained from an information standpoint, but now with the rise of cryptocurrency, all businesses, in all industries. and of all sizes, are vulnerable to a ransomware attack.
Before this increase in ransomware, the value of cybersecurity was sometimes a difficult topic for IT security and operations professionals to grasp. The view that cybersecurity is ‘just a cost’ is common among corporate decision makers who hold budget purse strings – but recent ransomware attacks, like those that shut down JBS United States Holdings in the spring of 2021 and cost the company $ 11 million in ransom, prove its greater operational value.
As these cybersecurity events occur more frequently, having the right systems in place to help prevent, mitigate and recover when a breach does occur is critical. As decision-makers review the security policies, procedures and controls that need to be in place along the continuum of a cybersecurity event – before, during and after – the visibility and ability to monitor changes in the network during of each of these steps are crucial. Not only does it provide great value from a cybersecurity perspective, it also contributes to the overall health and resilience of an organization’s operations.
Take a closer look at best practices for each step of the continuum.
Before an event: Build a solid inventory of Information Technology (IT) and Operational Technology (OT) assets. With a better understanding of connected and disconnected assets, you can more easily characterize security risks in your environment. An added benefit of this step is an updated asset inventory. This can be used to help you minimize lifecycle risk by stocking an appropriate number of spare parts on-site, anticipating end-of-life dates, and proactively maintaining your critical assets.
During an event: The ability to detect when an event is occurring requires a level of visibility into your operations that until recently was difficult, if not impossible to achieve. Various security technologies and controls can provide continuous monitoring and detection for increased visibility into normal day-to-day operations. Any event that deviates would signal an alert. Deploying the right sets of cybersecurity tools for your needs provides a higher level of visibility into operations, with the added benefit of establishing a baseline for “normal” operations. This visibility is provided by alerts when abnormal events, such as an incorrect maintenance task, occur.
After an event: With the correct response and recovery programs in place, such as backup and disaster recovery procedures for applications and data, organizations can become programmatic to respond to abnormal events. If the appropriate policies and procedures are in place to respond effectively to a cybersecurity event, operations are able to return to normal production more quickly afterwards.
A strong and resilient cybersecurity position may be worth the investment in peace of mind on its own, but can deliver real cost savings. The ability to quickly recover from cyber events, whether malicious or accidental, with appropriate response / recovery technology and procedures and technology in place can directly translate into reduced downtime, resulting in reduced downtime. greater productivity. For example, the ability to restore an application because backups and procedures were already in place minimizes the opportune activities to manually restore the application.
Finding operational value in cybersecurity initiatives isn’t hard to do, and as ransomware attacks spread across the market, it’s a good reminder that there are many ways to be proactive when it comes to cybersecurity. . As we’ve learned, the real value of complete cybersecurity lies not only in the continuum of protection provided for systems and equipment, but also in reducing and preventing costly downtime.
Quade Nettles manages cybersecurity related services at Rockwell Automation. Quade’s primary responsibility is to develop the strategic roadmap for industrial cybersecurity services, including advisory services such as risk assessments and penetration testing, as well as managed security services such as threat detection. and incident response.