Case Studies in Industrial Cybersecurity

Pharmaceutical companies have long been a favorite target of sophisticated cybercriminals. But the pandemic has intensified the need for a risk-based cybersecurity program, and fast.

One global pharmaceutical manufacturer needed help building a cybersecurity program for its IT and OT systems. Unpatched OT assets were increasing security risks to manufacturing plants, and a lack of real-time visibility into threats to ICS controllers made it all but impossible to detect OT malware.

Compounding risks, the pharma company had not segmented its business networks from its industrial plant networks, nor had it limited traffic and pathways to and from critical manufacturing systems.

Looking to the future, the company knew it needed to educate its teams on good cybersecurity hygiene to create lasting, cultural security improvements.

What Was Deployed

After assessing the risks, this pharmaceutical giant partnered with Rockwell Automation, taking significant steps toward maturing cybersecurity protections through network segmentation, and by fortifying endpoint and perimeter security.

At the outset, a three-phase cybersecurity program was quickly designed and implemented. The first priority involved separating logical and physical networks at 64 global sites to help contain the spread of threats as they hit networks and systems. The company also boosted the security of perimeter devices to impede threat actors, and deployed application “allow lists,” to only allow application usage if the applications were preapproved, to protect endpoints.

Next, the company implemented a suite of threat detection services and implemented USB cleansing to centrally manage and monitor USB media on the OT network, to protect against threats or attacks — from inside and outside the network. The threat detection services also determine normal network behavior that can be used as a baseline and employ 24/7 threat monitoring capabilities to detect and raise a red flag when anomalous activities are detected. That helps the company identify activities that may pose a risk to its systems more quickly, or before attacks.

Outcomes

Rockwell Automation helped the pharmaceutical company design and implement an expanded security strategy across 64 global sites in approximately nine months. Doing so has improved the company’s ability to defend its OT and ICS assets from increasingly sophisticated cyber threats. The company now has real-time, consistent visibility into ICS threats across the global enterprise.

Pharmaceutical companies have long been a favorite target of sophisticated cybercriminals. But the pandemic has intensified the need for a risk-based cybersecurity program, and fast.

One global pharmaceutical manufacturer needed help building a cybersecurity program for its IT and OT systems. Unpatched OT assets were increasing security risks to manufacturing plants, and a lack of real-time visibility into threats to ICS controllers made it all but impossible to detect OT malware.

Compounding risks, the pharma company had not segmented its business networks from its industrial plant networks, nor had it limited traffic and pathways to and from critical manufacturing systems.

Looking to the future, the company knew it needed to educate its teams on good cybersecurity hygiene to create lasting, cultural security improvements.

What Was Deployed

After assessing the risks, this pharmaceutical giant partnered with Rockwell Automation, taking significant steps toward maturing cybersecurity protections through network segmentation, and by fortifying endpoint and perimeter security.

At the outset, a three-phase cybersecurity program was quickly designed and implemented. The first priority involved separating logical and physical networks at 64 global sites to help contain the spread of threats as they hit networks and systems. The company also boosted the security of perimeter devices to impede threat actors, and deployed application “allow lists,” to only allow application usage if the applications were preapproved, to protect endpoints.

Next, the company implemented a suite of threat detection services and implemented USB cleansing to centrally manage and monitor USB media on the OT network, to protect against threats or attacks — from inside and outside the network. The threat detection services also determine normal network behavior that can be used as a baseline and employ 24/7 threat monitoring capabilities to detect and raise a red flag when anomalous activities are detected. That helps the company identify activities that may pose a risk to its systems more quickly, or before attacks.

Outcomes

Rockwell Automation helped the pharmaceutical company design and implement an expanded security strategy across 64 global sites in approximately nine months. Doing so has improved the company’s ability to defend its OT and ICS assets from increasingly sophisticated cyber threats. The company now has real-time, consistent visibility into ICS threats across the global enterprise.

Automotive manufacturers are grappling with multiple challenges as they navigate rapidly evolving product demands and a transforming ecosystem. Amid chaotic conditions, a global automotive manufacturer became worried about its cybersecurity shortcomings.

Specifically, the company was concerned that OT vulnerabilities could allow cybercriminals to slip into IT and OT networks to steal sensitive information and disrupt operations and production lines. Though the company had recently invested in securing its critical manufacturing environment, leaders nonetheless believed that the networks remained vulnerable to breach. And because a flood of phishing and ransomware attacks have preyed on individual employees, the company knew enhanced threat awareness among employees would help reduce cybersecurity risks to the company’s IT and OT infrastructures.

Cyber threats to oil and gas systems are climbing as threat actors target the energy sector with ransomware and other malware. The Colonial Pipeline attack in the United States proved that breaches can severely disrupt Critical Infrastructure services and supplies, affecting millions of people and causing significant financial losses.

In parallel, the pandemic has sped the pace of digitization, along with the need for employees to work remotely, further increasing security risks. To reduce risks, a multinational energy company needed to strengthen its corporate risk management strategy. A key element included updating OT systems to minimize risks in the event of a cyberattack.

The company also knew it needed to proactively defend its digital assets by implementing a scalable threat detection platform that could rapidly identify vulnerabilities and potential threats, and generate data-driven operational insights to improve decision-making.

The business also needed help with managing costs related to technology obsolescence and modernization, as well as remediating inconsistent solutions engineering into a more unified infrastructure.