Because smart manufacturing can't even leave the garage if it isn't secure, Jim LaBonty, director of global automation at Pfizer Global Engineering, led off the Life Sciences Forum at the 2016 Automation Fair event in Atlanta last November by detailing how Pfizer approaches cybersecurity.
"When we talk about security risks, it's not a matter of when, but rather how, one contains and limits the impact of a cybersecurity risk to industrial manufacturing," says LaBonty. "Every challenge to devices, applications, computers, networks and physical facilities is serious and needs to be considered when protecting plants and manufacturing sites.
“The key takeaway is that no single product, methodology or technology can secure today's manufacturing control system applications. We need to collectively work together on all aspects, such as patching software and running antivirus programs, to make sure we've established integrated layers of defense," he adds.
LaBonty reports that a war on automation infrastructures is underway, and that external intrusions and attacks have been ramping up for the past 10 years. However, he adds that control systems no longer can rely on their historically physical isolation, because so many now have links to higher-level enterprise systems and the Internet to get useful data out. Unfortunately, this creates security vulnerabilities that must be managed.
"Pfizer isn't perfect when it comes to cybersecurity, but we're working with our plant sites to establish these secure layers," he explains. "We're finding that they have different levels of security capabilities, but we also know this is a continuous process for everyone. This is because intrusions and cyberattacks are growing increasingly sophisticated.
“In fact, the number of attempted cyberattacks on most manufacturing sites — including Pfizer's — is now in the millions per day, so we've got to get cybersecurity infrastructures in place from our global networks down to the plant floor,” LaBonty adds. “Our initial cybersecurity designs were usually two network interface cards (NICs), Ethernet and servers, but we've been updating them to better designs."
More Threats to Control
As if the existing security situation wasn't dire enough, LaBonty reports that traditional hackers increasingly are joined by nation-states bankrolling teams of attackers breaking into corporate networks down to their lowest levels, mostly to discredit and disrupt their brands.
"Control systems must establish Defense-in-Depth (DiD), but they can also look at sending network logs and data back up to users for inspection," says LaBonty. "This can be very helpful because it lets users see if anything has changed or gone wrong at the control level, which is a huge advantage.