Advance Manufacturer Operational Technology

The Challenge

To be successful, manufacturing companies must balance steep operational demands while complying with increasingly stringent regulations and preventing more sophisticated threats. Operational efficiency and digital factory initiatives often rely on increased connectivity for previously air-gapped OT systems, while also exposing these vulnerable systems to a broader range of threats. As connectivity increases, businesses need to ensure equipment remains protected while the exposure to cyber threats is heightened. 

Our client approached Booz Allen to design and execute a global OT cybersecurity transformation that would drive resilience, reduce risk, and enable shop floor operations by providing real-time visibility and protection for their OT environments.

The Approach

To design and execute a global OT security transformation tailored to the company’s business model, we delivered an integrated team including transformation strategists, OT practitioners, and cyber analytics experts.

First, we conducted a rapid review to determine the current state of cybersecurity maturity and business criticality of all associated manufacturing and distribution center locations within the scope of the project. The site evaluation enabled the creation of a three-year program focused on OT monitoring, OT asset inventory, OT network segmentation, OT threat analytics, and OT security capability governance. The outcome of this phase defined the OT asset landscape, enforced OT network and user access, and enabled threat analytics and Security Operation Center (SOC) integration while driving a sustainable approach to building a mature and enduring OT cybersecurity capability within the business. 

Next, a subset of manufacturing sites were selected to be a part of the pilot phase of the program. During the pilot phase, four sites across various strategic business units received targeted OT security controls. The pilot informed the creation of standard reference architectures and implementation playbooks and determined the internal and external governance necessary to enable successful program execution at scale.  

Finally, armed with a firm understanding of the technology implementation requirements and associated execution governance, Booz Allen’s team partnered with key stakeholders within the client organization to execute the overall program scope. Throughout design and execution, key considerations were made to ensure operational uptime was maintained, while governance activities ensured that the implemented technology scope was being properly addressed through the creation of necessary standard operating procedures, role alignments, and reporting functions. The efforts involved coordinating vendor and client resources to enable implementations at 44 sites across six strategic business units. 

The Solution

As a result of the program execution, the client now has increased visibility into their OT assets' potential threats and risky behaviors across their manufacturing and distribution landscape. Their network segmentation architectures have been implemented to provide dedicated containment zones for OT assets, enabling protection from external threats, and reducing the probability of successful malware propagation within their OT environments. An OT security governance strategy created in phase one will continue to enable the build and turnover of overall OT security capability governance in future phases. Prior to completing this program, the client’s cyber insurance provider required a co-insurance clause to provide necessary coverage. The co-insurance clause is no longer required as a result of the program’s implemented scope, and now the client has successfully increased their cyber coverage from $50 million to $100 million. 

Program milestones include:  

  • Within 5 months and at 40+ manufacturing and distribution center locations: 
    • Gained visibility into shop floors and associated threats and vulnerabilities by installing OT passive monitoring tools; enabling the completion of the following OT security activities:
      • OT asset inventory reconciliation at all sites to inform threat detection and response
      • OT Threat analytics use case development to enable real-time OT threat alerting within the SOC
  • Within 12 months and at 13 manufacturing locations:
    • Reduced long-term risk to sites by implementing OT Network Segmentation Architectures to enable OT firewall enforcements
  • Within 12 months, the global impact included: 
    • Long-term OT security management by developing a Global OT Security Governance Framework and underpinning procedures for sites, business units, and corporate center functions to execute
    • Buy in from the board of directors, C-suite executives, and business unit leaders to execute and support the program
    • Reduced financial risk by helping the client increase cyber insurance coverage
    • Long-term OT security investment strategy, including business-as-usual operations, within the context of digital and IT portfolios
    • Integrated OT security as a way of doing business by aligning OT security architectures with their “Digital Factory” architectures

Securing OT environments across large diverse businesses requires a multiyear program. Our partnership with this client continues through transformation efforts, and targeted technology implementations to reduce the overall attack surface and control access to their critical OT environments. This results in greater operational resilience, and an ability to embrace Digital Factory solutions, while significantly reducing overall risk to the business.