Better secure than sorry
Product and process security is one of the focal topics at ACHEMA 2021, as the Internet of Things calls for an intensified approach to secure the interaction between the physical and the virtual worlds.
Has your company already been hacked? If not, you should expect the attack. According to IT experts, there are only these two states and all you can do is to prepare well.
This may seem like a gloomy attitude, but it is backed by impressive numbers. The latest World Economic Forum report on global risks lists cyberattacks and data fraud as two of the top five risks companies are most likely to face. While safety systems are well established and the number of accidents with personal injury is decreasing steadily, cyberattacks are becoming all the more prevalent and in the process industry, too. Lanxess, BASF, Siemens and Henkel are known to have been infected with "Winnti malware" in 2019 and even German "safety and security" specialist Pilz couldn’t evade an attack with "ransomware". In this case, it was directed at office communication systems, but IoT devices are increasingly becoming part of operation and production and need special attention to keep processes and products secure. With every valve that has an IT interface and with every "intelligent" pump sending data into the cloud, IT- and "cybersecurity" rise to the top of the list of things to be concerned about. In times of IoT, each supplier, each automation component and each person represents a potential risk. Therefore, the responsibility lies with every player along the supply chain. ACHEMA 2021 is now putting a spotlight on these challenges. Moreover, the Digital Hub in hall 12 welcomes key players in software and digitalisation to the ACHEMA family. You haven’t seen them at the show before, but we are sure you wouldn’t want to miss this valuable addition.
No man is an island, nor is a company
Working with an air gap that physically disconnects a system from the internet is one way to keep assailants at bay. However, the global economy is interconnected and many businesses depend on complex supply chains. Business partners and suppliers need to trust each other as well as their cybersecurity practices. If you can’t be sure that your supplier patches known system vulnerabilities with due diligence, a business friend can quickly become a "frenemy", threatening your own operations.
When trust is an issue, distributed ledger technologies such as the blockchain are often quoted as the solution. Managing data in a decentralised way is supposed to make them immune against falsification. Blockchain expert Prof Philipp Sandner and colleagues elaborate about use cases in the chemical and pharmaceutical industries. Blockchain practitioner Dr Silvio Stephan presents a real life application in the chemical industry which he claims that it has the power to change the whole process industry.
Remember the human factor
Identifying, assessing and addressing the vulnerabilities of your business is the first step towards secure products and processes. Technical aspects, such as data backups and patching software vulnerabilities come to mind first. Have a look over the shoulder of Moritz Lottermann, specialist in penetration testing. "Contract hacker" by trade, he evaluates possibilities to break into his clients’ systems, just as a malevolent hacker would do.
Technical considerations aside, human error is the one factor that the majority of hackers use to breach networks. Haven’t we all received e-mails from the Nigerian connection, asking to pay money before you get the huge payoff (that never actually arrives)? That’s social engineering, targeting greed - a basic human trait. Social engineering comes in many flavours, and it doesn’t need to be digital. It can be as basic as the unknown person joining the group of smokers discussing business in front of the office building and walking away with useful information about the company.
Only authentic drugs save lives
When it comes to pharmaceuticals, product security can become a matter of life and death quickly. Maintaining the cold chain is vital for drugs such as insulin. Drug counterfeiting is growing problem around the globe, thus legislators took action. China was a frontrunner in implementing serialisation regulations. In the European Union it has been a year now that every single box of prescription drugs needs to be clearly identifiable and bear a tamper-evident label. The example of serialisation shows particularly clearly the importance of secure production processes in pharmaceutical technology. Previously, the drug packaging was protecting the contents and a brand carrier for the manufacturer, now it has developed into a data carrier and certificate of authenticity.
-- MARLENE ETSCHMANN --