Challenge:
Pharmaceutical companies have long been a favorite target of sophisticated cybercriminals. But the COVID-19 pandemic has intensified the need for a risk-based cybersecurity program, and fast.
One global pharmaceutical manufacturer needed help building a cybersecurity program for its IT and OT systems. Unpatched OT assets were increasing security risks to manufacturing plants, and a lack of real-time visibility into threats to ICS controllers made it all but impossible to detect OT malware.
Compounding risks, the pharmaceutical company had not segmented its business networks from its industrial plant networks, nor had it limited traffic and pathways to and from critical manufacturing systems.
Looking to the future, the company knew it needed to educate its teams on good cybersecurity hygiene.
Solution:
After assessing the risks, this pharmaceutical giant partnered with Rockwell Automation, taking significant steps toward maturing cybersecurity protections through network segmentation, and by fortifying endpoint and perimeter security. At the outset, a three-phase cybersecurity program was quickly designed and implemented.
1. The first priority involved separating logical and physical networks at 64 global sites to help contain the spread of threats as they hit networks and systems.
2. Next, the company boosted the security of perimeter devices to impede threat actors, and deployed application “allow lists,” to only allow application usage if the applications were preapproved, to protect endpoints.
3. Finally, the company implemented a suite of threat detection services as well as USB cleansing to centrally manage and monitor USB media on the OT network, to protect against threats or attacks — from inside and outside the network. The threat detection services also determine normal network behavior that can be used as a baseline and employ 24/7 threat monitoring capabilities to detect and raise a red flag when anomalous activities are detected. That helps the company identify activities that may pose a risk to its systems more quickly, or before attacks.
Results:
Rockwell Automation helped the pharmaceutical company design and implement an expanded security strategy including USB cleansing, perimeter device security, and separating networks across 64 global sites in approximately nine short months. Doing so has improved the company’s ability to defend its OT and ICS assets from increasingly sophisticated cyber threats. The company now has real-time, consistent visibility into ICS threats across the global enterprise with the ability to detect threats before an attack happens allowing for more secure operations and a defense strategy protecting their assets from cybercriminals.