Rapid digitalization challenges traditional manufacturing plant seclusion, redefining risk management strategies

In a bid to strengthen its cybersecurity posture, Georgia Pacific, a leading manufacturing company, has coordinated its 130 manufacturing locations under IT groups across the enterprise. This shift towards a centralized approach is a response to the increasing digitization of manufacturing environments and the growing threat landscape in Operational Technology (OT) domains.

The company is transitioning from site-level best practices to overall best practices, recognising the need for a unified approach to governance across IT and OT models. This unified approach is aimed at addressing the historical lack of context that can arise when long-serving employees retire, taking with them valuable institutional knowledge.

The approach to risk management in manufacturing environments necessitates a change due to increasing digitization. Cyberthreats to OT/industrial control system (ICS) environments have reached a new level this year, with high-profile incidents such as the attacks on Colonial Pipeline and JBS USA. As a result, companies are being forced to take a closer look at how and why IT and OT connect, because if they don't, malware would.

One of the key benefits of this centralized approach is the implementation of a holistic view of devices and technologies, including dependable asset management and visibility. This is offered by an enterprise Security Operations Center (SOC), which can alleviate individual plants of some monitoring workloads.

In the past, vulnerability notifications would require reaching out to several individuals and receiving different answers. With a centralized SOC, this process becomes more streamlined and efficient, providing a single source of truth for cybersecurity matters.

However, this shift towards centralization is not without its challenges. Leadership struggles to delegate cybersecurity responsibilities when OT workforces are already facing constraints. Fran Cioffi, CISO of Georgia Pacific, has addressed this issue by implementing standards and oversight to create a collaborative and productive effort for secure IT systems.

Georgia Pacific's secure IT systems are remote access-enabled to accommodate digital transformation and necessary data transfers between plants. However, the luxury of isolation is no longer prevalent in OT environments. Air gaps between IT and OT systems, which were once considered a solution, have always been a myth due to processes like patch management.

Organizations may struggle to understand where vulnerabilities lie between plants without a singular oversight umbrella. By adopting a centralized, enterprise-like IT and cybersecurity operations approach, Georgia Pacific is better positioned to control security risks in production environments, often by centralizing IT management, applying Zero Trust Network Access (ZTNA) solutions, and integrating advanced detection and response platforms such as Network Detection and Response (NDR) and Extended Detection and Response (XDR) to enhance threat visibility and response efficiency.

Corporate stakeholders want to better understand the risk calculus of their technology stacks, answering the question: Are we a target? By centralizing its cybersecurity operations, Georgia Pacific is taking proactive steps to address this concern and ensure the security of its critical infrastructure.

Rapid digitalization challenges traditional manufacturing plant seclusion, redefining risk management strategies