Background
In response to the growing cybersecurity risk faced by manufacturers, a leading food and beverage manufacturer undertook a strategic review of its cybersecurity effectiveness in its manufacturing plants. The company was mostly concerned about the cybersecurity of its Operational Technology (OT) infrastructure within each plant. The security team had already installed a state-of-the-art Deep Packet Inspection (DPI) based monitoring system for asset discovery, anomaly detection, and segmentation support. The leadership team, however, wanted to validate the effectiveness of the solution in overall risk management.
The company engaged ResiliAnt to assess OT cybersecurity risk in one of its high throughput US-based bottling plants.
Key observations
The installed OT cybersecurity solution was able to accurately discover most of the network connected assets. However, many systems, especially those communicating via proprietary protocols, having multiple MAC addresses, and connected in P2P fashion, were neither discovered nor accurately classified. The plant lacked a process of validating the accuracy of asset inventory and classification.
It was discovered that 83% of connectable devices in this plant had security vulnerabilities; there were 31,000+ vulnerabilities yet to address. The installed solutions’ inability to discover all assets, accurately classify and profile discovered assets, accurately and comprehensively identify associated vulnerabilities, and timely remediate the identified risk caused the organization to operate under a false sense of security. The plant also did not have a clearly identified owner for ensuring OT cybersecurity risk is managed well. A lack of a programmatic approach to OT cybersecurity led this plant to face poor return on its investment in previously installed OT cybersecurity tools.
ResiliAnt's proprietary solution helps organizations manage their operations technology (OT/IoT) related to cybersecurity risk. To learn more, please reach out to us at info@ResiliAnt.co.