Power Lunch: Cybersecurity Challenges Continue

May 14, 2024
There are numerous advantages when operational technology and information technology converge, but security vulnerabilities arise.

By Patrick Corbett of PepsiCo and ISA

With the rise of digital transformation across all industries comes the convergence of operational technology (OT) and information technology (IT) in manufacturing environments. While IT/OT convergence enables greater operation efficiency, connectivity and productivity, the integration of these technologies introduces a number of cybersecurity challenges.

This is a constant learning curve for all companies regarding how to protect their infrastructure, including food & beverage. In 2020 there was an increase of 607% in cyberattacks in the agriculture/food & beverage industry from the previous year, according to Malwarebytes, proving the industry is not exempt from cybersecurity risks.

Legacy systems

One of the main cybersecurity issues food & beverage companies face is securing legacy systems. According to Tata World, over two-thirds of businesses are relying on legacy systems and mainframe applications. These legacy systems are a huge challenge to address.

From an operational view, you have personnel that have been operating the equipment for many years and have come to understand the HMI graphics and all the alarms. Also, the equipment could have been running efficiently since day one and it can be difficult to convince stakeholders to upgrade. On top of that, upgrading legacy systems is costly, as it's not a straightforward “swap.” All the equipment must be re-assessed to ensure compatibility and re-validated.

Remote access

Another cybersecurity challenge for the food & beverage industry is remote access. Many vendors that supply equipment may include a service level agreement (SLA) with the end user for support. The vendor usually offers a router that includes a VPN that inherits huge risks such as unauthorised access and data access. Through the VPN, vendors can access the equipment without authorization. A similar threat to remote access is related to unauthorised remote changes.

Visibility

According to Dragos, 75% of their customers had limited to no visibility into their ICS/OT environment. OT Asset visibility is arguably one of the most important pieces when trying to secure your OT environment, because if you don’t know what’s existing in your environment then you can’t possibly protect your assets fully.

According to a special report by Food Processing, only 52% of respondents said they have a segmented network. Implementing a segmented network is a very challenging task that requires thorough planning and liaising with operations to get downtime for testing a cutover.

As the food & beverage industries continue their digital transformation journey, there are many cybersecurity challenges such as the convergence of OT/IT, use of legacy systems, remote access, remote changes and asset visibility. While it may seem like a daunting challenge, many of these risks can be overcome through thoughtful use of budget, as well as the opportunity for downtime to implement and test solutions.

Patrick Corbett is Senior Global Automation Engineer at PepsiCo, Secretary of the ISA Ireland Section and 2024 Chair of the ISA Young Professionals.

Sponsored Recommendations

4 shipping challenges that a dedicated carrier can solve

Navigating the logistics industry is challenging. Find out how a dedicated transportation solution can solve some of the most common shipping challenges.

Recipe for successful growth: Schneider’s dedicated fleet services helps bakery rise

Learn how a large bakery company complimented their private fleet with Schneider Dedicated freight services to increase freight capacity, amplify visibility & reduce costs.

Produce grower optimizes network and delivery consistency

An organic produce grower's fractured transportation model resulted in a lot of empty miles and brokered freight for a producer. Learn how they were able to optimize their transportatio...

Schneider Dedicated grows refrigerated transportation for organic grocer

An organic grocery retailer with locations nationwide needed a shipper that could match its reach and volume. Schneider created a custom refrigerated transportation solution to...