Higher digital plant maturity levels are characterized by enhanced levels of automation, greater reliance on digital technology and increased use of electronic data. Initiatives such as Industry 4.0, the Industrial Internet of Things (IIOT) and the digital transformation of a plant all drive towards the fully connected plant – yet inherently increase the risk to operations and the likely number of cyber security events.
To tackle this problem head-on, the BioPhorum IT Cyber Security Workstream has been writing the BPIT Cyber Security Education Series, which is a collection of articles, short papers and ‘how-to’ guides that address emerging issues in cyber security and protecting plant operations in today’s fast-moving environment.
The team has now published the latest in the series, which is a new and exciting How to write a disaster recovery playbook for the manufacturing environment guide that will help companies shift their attention to developing effective recovery plans that are fit for purpose and fully tested. It also advises on improved stakeholder management and better communications to understand the problem and the steps required to recover from the disaster situation.
The journey so far
During 2020, the team has worked on diverse topics as part of the Education Series that were published earlier in the year. The first piece was on Improving performance against boutique vulnerabilities, which analyzed the impact, actions and lessons learned from some recent named cyber attacks. At the same time, IT vs OT characterized the framework, differences and success metrics from each function. The team then summarized the trends in usage, adoption, technologies and issues experienced in its Configuration management database (CMDB) use cases paper. This was followed by the CMDB data model, which outlined a standard structure that could be used to describe a manufacturing system detailed in a shop floor/OT CMDB.
These papers have delivered a range of benefits to members, such as:
- Providing ready-to-consume publications explaining basic problems
- Giving members useful reference information on common cyber security challenges
- Understanding and articulating the differences between IT and OT systems
- Encouraging organizations to shift attention to developing effective cyber strategies.
The success of the series has prompted the team to focus on two critical topics for the manufacturing environment: detection and patching.
There is no single approach or toolset that will detect vulnerabilities seamlessly across IT and OT, with member companies approaching the issues of ‘detection’ in the manufacturing plant in different ways. The team’s planned paper, due Q1 2021, will articulate best practices in detection across process, people and technology and the wide range of levers that companies can pull to handle these issues.
To improve their response and reduce the time and effort required if a cyber attack happens, companies are all investing in routine patching where possible. The team’s upcoming paper on best practices for patching and mitigating risk in the OT environment will provide advice to address the numerous barriers to patching. It will also explore practices that can be deployed where patching is not always possible, while still mitigating the cyber risks associated with unsupported operating systems/applications.
This enthusiasm for addressing cyber risks can be seen in a new initiative from the team. In November, the first BioPhorum IT Chief Information Security Officer (CISO) collaboration meeting was held, which had great energy and contributions from all involved. There was evidently an appetite for continued conversations and a desire to work together to solve some of the common problems faced by the member CISO community. Several priority problem areas were identified and the group will reconvene in January to continue the discussions.
Throughout 2021, the team will continue to build on the foundations of the education series, its successful ‘compare and share’ approach and CISO meetings to create a set of BioPhorum guiding principles for cyber security in pharmaceutical manufacturing. That is when the team’s highly engaged and collaborative approach will start paying even more dividends.