How Pharmaceutical Companies Can Fast-Track OT Security

Given the research-intensive nature of their business models, pharmaceutical companies are well aware of the importance of intellectual property (IP) protection, but another key line of defense that cannot be overlooked is the security of pharmaceutical production environments. In addition to revenue loss and reputational damage, any disruption to medicine manufacturing processes can have global health and economic impacts, especially as researchers around the globe rush to develop a vaccine for COVID-19. It's a high-stakes pursuit that the world is watching⁠—and so are cyber criminals.

Although early reports indicated that threat actors had pledged not to attack healthcare organizations during the global pandemic, it turns out we can't put much stock in these promises. A recent joint alert by the U.S. and U.K. warns of ongoing activity by advanced persistent threat (APT) groups targeting the sector, including pharmaceutical companies to steal sensitive research data and IP.

To protect IP and production processes, pharmaceutical companies need to secure the operational technology (OT) networks that connect critical machinery across manufacturing plants. This is often a challenge for the following reasons:

1. 1. Inconsistent security due to acquisitions: Many pharmaceutical companies grow by acquisition and thus inherit different approaches to security and multiple vendors and tools to service and maintain their patchwork of OT assets spread across geographically dispersed locations.

2. 2. Ransomware risk: Due to their size, scope, and profile, major pharmaceutical companies tend to be frequent targets of ransomware attacks. These attacks commonly enter through a VPN connection and then can spread from the IT network to the OT network where they can create operational disruption and downtime.

3. 3. Lack of OT asset visibility: IT and OT teams have zero telemetry and, thus, no visibility into OT networks. Attempting to implement the same IT security tools within an OT environment takes too long and often isn't effective or necessary. For example, anomaly detection systems used by the IT network are not effective at identifying potential malicious activity, like ransomware, within the OT environment.

Fast-tracking risk reduction

As vaccines for COVID-19 are being fast tracked, pharmaceutical companies are also finding they can fast track risk reduction across their manufacturing sites to address these challenges. Instead of recreating the complexity of the IT security stack—an approach that falls short—they're focusing on what they can do next week and next month to reduce risk the most, by deploying The Claroty Platform.

Leveraging Claroty Continuous Threat Detection (CTD), IT and OT teams gain granular details of all assets, sessions, processes, and corresponding risk levels, to identify threats and vulnerabilities in the OT network to mitigate risk and assure continued operations of critical processes.

Claroty Secure Remote Access (SRA) safeguards OT networks from threats introduced via unmanaged and unmonitored access by remote users, including employees and third-party vendors. Plant staff and third parties can access and service OT assets remotely, easily, and securely through a user-friendly interface. SRA also enforces privileged access controls and proactive monitoring, among other best practices, to minimize risks posed by remote users.

The Claroty Enterprise Management Console (EMC) simplifies management at scale, consolidating data from Claroty products and providing a unified view of assets, activities, and alerts across multiple sites. The Claroty Platform also integrates seamlessly via the EMC with IT security infrastructure, such as a SIEM solution, so that IT security teams can use existing and familiar tools to achieve comprehensive security across the entire OT environment.

We continue to enhance our solutions to deliver even greater visibility and accessibility to all users. Expansions to protocol coverage—as well as the level of detail provided at the asset, network, and process levels—further enhance visibility. Meanwhile, fully customizable dashboards enable users to more-easily filter, pinpoint, and action the information most critical to their priorities.

To learn more about how Claroty can help your team discover and mitigate vulnerabilities within your OT environment, request a demo.