By Pritam Shah, Global Practice Head – OT Security, Inspira Enterprise
As the pharmaceutical sector embraces digital transformation with a focus on smart manufacturing, digital supply chains, phase IV trials, and customer value, cybersecurity and OT (Operational Technology) security take center stage. Pharma organizations, housing sensitive patient data, clinical trials, patented drugs, and technological advancements, are enticing targets for cybercriminals, as seen in recent attacks on Sun Pharma and Granules India. Such incidents impact public health and national security globally.
OT devices in pharma, as in other sectors, were not initially built with security in mind and relied on air gaps for separation. Today’s technological advancements blur the line between OT and IT, offering productivity, efficiency, and faster time to market, but unfortunately introducing high security risks. Among the many challenges faced by pharma organizations, IT/OT convergence and legacy OT systems are significant concerns.
Threat actors are increasingly targeting the convergence point of IT and OT, driving the need for a unified defense strategy to bridge the gap between IT and OT security.
- Define Roles and Responsibilities: IT Security teams typically lack access to OT assets due to physical or logical isolation. It is, therefore, crucial to appoint dedicated OT/IoT security managers for each plant. Outlining the duties and responsibilities of both IT and OT teams while cultivating collaboration is key.
- Awareness and Training: Train all team members with OT/IoT access on cybersecurity practices, risk recognition, and other dos and don’ts. Security awareness and cross-training are essential for IT and OT personnel at all levels to ensure a comprehensive understanding of IT/OT convergence risks.
- Compliance and Regulatory Requirements: New technologies and innovation bring new challenges and risks that IoT/OT security teams must be made aware of. They should understand the benefits and risks, employ security measures and meet compliance requirements. Teams should stay informed and establish compliance reporting as new regulations are introduced.
- Asset Visibility and Inventory: IT solutions are unable to detect all OT/IoT devices due to their limited understanding of OT protocols. OT solutions employ hundreds of protocols that standard IT security controls are not familiar with. Both security teams must identify, classify and inventory all network assets. A centralized dashboard should be used, as it enhances visibility and enables continuous monitoring of multiple OT/IoT systems.
- Network Behavior Mapping: Once visibility is established, mapping all IT-OT communications is critical to protect the OT environment from disruptions. Understanding network behavior is key, and unified dashboards can aid in this process. Monitor OT/IoT network variables, protocols, access ports, and links to detect unusual activity and anomalous behavior.
- OT MSSP/Managed Services: Once OT asset visibility and an IDS solution are deployed, it is imperative to monitor the alerts they generate round the clock so that remediation can be expedited. OT Managed Services such as OT/IoT Monitoring and Remediation, Incident Response and Vulnerability Management, Digital Forensics, Threat Intelligence advisory, etc., play a very crucial role in making your OT systems cyber-ready.
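
The mapping step described under Network Behavior Mapping can be sketched as follows. This is an added example, not part of the original article: it learns which conversations cross the IT/OT boundary and reports any later conversation that is not in that map. The subnets, addresses and flow records are constructed, and the function names are hypothetical.

```python
import ipaddress
from collections import namedtuple

# Assumed zone layout (constructed example ranges, not from the article).
OT_NET = ipaddress.ip_network("10.20.0.0/16")
IT_NET = ipaddress.ip_network("10.10.0.0/16")
# Well-known TCP ports of common industrial protocols.
OT_PORTS = {102: "S7comm", 502: "Modbus/TCP", 4840: "OPC UA",
            20000: "DNP3", 44818: "EtherNet/IP"}

Flow = namedtuple("Flow", "src dst dport")

def zone(ip):
    addr = ipaddress.ip_address(ip)
    return "OT" if addr in OT_NET else "IT" if addr in IT_NET else "EXT"

def crosses_ot_boundary(flow):
    zs, zd = zone(flow.src), zone(flow.dst)
    return zs != zd and "OT" in (zs, zd)

def build_baseline(flows):
    """Communication map: every boundary-crossing conversation seen while learning."""
    return {tuple(f) for f in flows if crosses_ot_boundary(f)}

def review(flows, baseline):
    """Return (src, dst, protocol, reason) for conversations absent from the map."""
    findings = []
    for f in flows:
        if not crosses_ot_boundary(f) or tuple(f) in baseline:
            continue
        proto = OT_PORTS.get(f.dport, f"tcp/{f.dport}")
        if "EXT" in (zone(f.src), zone(f.dst)):
            reason = "OT asset communicating outside the plant network"
        elif zone(f.dst) == "OT" and f.dport in OT_PORTS:
            reason = "unmapped IT host speaking an industrial protocol to OT"
        else:
            reason = "unmapped IT-OT conversation"
        findings.append((f.src, f.dst, proto, reason))
    return findings

# Constructed sample flows: a learning window, then a monitoring window.
LEARNED = [Flow("10.10.5.20", "10.20.1.10", 4840)]   # historian -> OPC UA server
OBSERVED = [
    Flow("10.10.5.20", "10.20.1.10", 4840),   # in the map, ignored
    Flow("10.10.7.99", "10.20.1.11", 502),    # workstation -> PLC over Modbus
    Flow("10.20.1.11", "203.0.113.5", 443),   # PLC -> external address
    Flow("10.20.1.10", "10.20.1.11", 502),    # stays inside OT, out of scope here
]
FINDINGS = review(OBSERVED, build_baseline(LEARNED))
```

Traffic that stays inside the OT zone is deliberately out of scope for this sketch; it only covers the IT/OT convergence point.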