Pharmaceutical Manufacturer Accelerates OT Security
In This Case Study
A global pharmaceutical manufacturer is committed to improving the lives of patients and consumers. As an industry leader, the company is always looking at new ways to better produce prescription medicines, vaccines and healthcare products. Increasingly, this means adopting cutting-edge technology within their manufacturing plants -- from artificial intelligence and machine learning to the internet of things (IoT) and digital twins.
As the company incorporates more digital technology into its production process, it creates more opportunities for bad actors to enter the plant network. Once in, they can either disrupt production or gain access to IT systems that contain patient data and intellectual property.
To mitigate these risks, the company had begun efforts to segment plant networks -- separating IT and OT environments to head off threats and contain attacks.
But network segmentation is no small feat, especially when an average plant contains up to 30 process groups that can include 125 assets per group.
In order to protect the business without disrupting the business, the company needed to gain a thorough understanding of the nature and interdependencies of:
- Manufacturing processes
- Manufacturing applications and production assets
- Information technology infrastructure
With manual approaches to documenting interdependencies stalling segmentation efforts, the company turned to WWT to help them with operations and technology discovery.
To address the need to discover and document the intricacies of manufacturing operations, we piloted our OT Assurance Service at two of the manufacturer's plants.
OT Assurance combines people, tools and process to give plant stakeholders an integrated view of their environments – from processes and applications to assets and technology infrastructure. Once they have this view, stakeholders can confidently apply security controls.
Three key data types must be integrated and analyzed for OT Assurance. They are:
- Asset data, used to identify inventoried assets and configurations.
- Network telemetry, used to identify network-connected IT and OT assets, systems and related data flows.
- Operational knowledge, used to identify operational processes to add business context to asset and network telemetry data.
Integrating and analyzing these disparate data sources is complex and nearly impossible to accurately complete within a reasonable timeframe using a manual approach.
To ensure accuracy and speed, WWT used our proprietary Data Aggregation & Analysis Engine (DAAnE).
Our OT Discovery and Dependency Mapping specialists used DAAnE to automate the integration, analysis and visualization of asset data, network telemetry and operational knowledge. The result was a comprehensive, real-time view of the company's manufacturing environment.
After initial discovery, we developed functionality within DAAnE to track changes in the environment. Because programs like network segmentation can span weeks, months or even years, incremental change information is key to aligning production schedules and maintenance windows during the course of a program. Explore application dependency mapping (ADM) by requesting an assessment.
The company now has a comprehensive view of interdependencies between manufacturing processes, supporting systems and applications, and underlying technology infrastructure.
Moving forward, plant stakeholders can apply security controls related to network segmentation, knowing that changes won't disrupt production or need to be rolled back later.
The company can also use data gathered from our OT Assurance Service for other strategic programs, such as geo segmentation, network modernization and digital transformation initiatives.