Note to corporate & operations management: Cybersecurity is your responsibility

Living as we do in an increasingly digitalized world, new security challenges are materializing at an alarming pace, and few are as perplexing and troublesome as cybersecurity.

Oem 832082 Gettyimages 678819951

This guest column was written by Ben Miyares, Packaging World contributing editor

“We stand on the brink of a technological revolution that will fundamentally alter the way we live, work, and relate to one another. In its scale, scope, and complexity, the transformation will be unlike anything humankind has experienced before... The First Industrial Revolution used water and steam power to mechanize production. The Second used electric power to create mass production. The Third used electronics and information technology to automate production. Now a Fourth Industrial Revolution is building on the Third, the digital revolution that has been occurring since the middle of the last century. It is characterized by a fusion of technologies that is blurring the lines between the physical, digital, and biological spheres.”

–Klaus Schwab, Founder & Executive Chairman, World Economic Forum-14 January 2016

As the Fourth Industrial Revolution to which Klaus Schwab refers gathers momentum and the lines between physical and digital grow increasingly blurred, the issue of cybersecurity has become a key concern. In the wake of recent global ransomware attacks, there is a growing realization that cybersecurity is everyone’s responsibility, not just an IT issue. Consequently, some companies are scrambling to bolster their cybersecurity defenses, gain operational cyber risk and remediation intelligence, and train operations managers in the art of cyber self-defense.

But the reaction is far from universal. “Cybersecurity is an understandable concern and continued education is needed for end users and OEMs to become comfortable with continuous data exchange and analysis,” notes PMMI in its just completed report, “The Evolution of Automation.” (For complete study, go to pwgo.to/3040). Based on interviews with 60 end users, OEMs, technology suppliers, and “industry experts,” the report suggests that while a majority (58%) of information technology (IT) and operational technology (OT) departments are working together, a substantial minority (42%) of those interviewed say either OT/IT collaboration is not happening, they’re not sure if it’s happening, or if it is happening, the process “needs improvement” (Figure 1).

Recent technological advancements are drawing manufacturing operations managers into realms far beyond the traditional packaging and processing technologies, including such things as autonomous robots, 3D printing (additive manufacturing), interconnected sensors, smart phones, and GPS devices that are touchpoints on the Internet of Things. The Fourth Industrial Revolution, or Industry 4.0, finds today’s managers coping with systems that operate in near “dark factory” autonomy. Gone are the days when any clickety-clacking packaging line could be serviced by any one of the team of operators it took to run the machine, so long as the operator had a wrench.

Transformation is coming
The Fourth Industrial Revolution, says Dr. Schwab, “is disrupting almost every industry in every country. And the breadth and depth of these changes herald the transformation of entire systems of production, management, and governance.” Unfortunately, the May 12th and June 27th global ransomware attacks that infected upwards of 400,000 business and government computer networks in more than 60 countries are one negative consequence of the evolving manufacturing landscape. The understandable fear of operations managers is that the two attacks—which exploited operating system vulnerabilities, encrypted mission-critical data, and shut down production lines—won’t be the last, leaving neither large nor small packaged goods manufacturers unscathed.

In the wake of the May 12 and June 27 ransomware attacks, hundreds of companies, governments, healthcare institutions, and manufacturing operations around the world were privately assessing the impact of the malware intrusions on their operations. A few companies went public after they were attacked:

• Seven days after the June 27th virus hit, global confectionery manufacturer Mondelez International was putting as good a face as one could expect on the cyberattack that reportedly disrupted shipping and invoicing during the last four days of the second quarter and cut three percentage points from its second-quarter sales growth. Mondelez said it was “making good progress in restoring our systems across the enterprise. Since the time of the incident, our teams have done remarkable work to continue to operate the business, manufacture our products, serve customer needs and progress the recovery activities. We believe the issue has been contained and a critical majority of the affected systems are up and running again.”