Securing Operational Technology in a Hyperconnected World: How One Global Manufacturer Is Doing It Now
“The barrier between IT and OT is getting progressively smaller,” says Chief Information Officer Anthony Pua, referring to the twin environments of information technology and operational technology that he manages at Sunningdale Tech, a global maker of precision plastic components for the automotive, consumer, and healthcare industries.
“Traditionally, our manufacturing environments were clearly divided between IT and OT,” explains Pua. “As people embrace the industrial internet of things (IoT) and Industry 4.0…everything is pulling to the edge as the integration gap closes — it’s one of the biggest challenges in our current environment.”
Based in Singapore, Pua and his team control more than 4 million square feet of space on manufacturing floors around the world.
Like most providers in the industry, Sunningdale Tech balances new systems and IoT devices with the old, including those utilizing outdated hardware and software. This reality in manufacturing makes operational technology distinctly vulnerable — and threat actors have wasted no time exploiting those vulnerabilities. With a more than 2000% increase in reconnaissance targeting OT and industrial control systems, manufacturing has officially outpaced financial services, healthcare, and insurance as the world’s most attacked sector.
“With cyber threats against the industry continuing to escalate, Sunningdale Tech recognized the need for a new approach to cybersecurity,” Pua says. “Air-gapping, signature-based antivirus, and in-house monitoring and management were no longer sufficient. It was with this in mind that we set out in search of a full managed detection and response solution, which eventually brought us to BlackBerry CylanceGUARD.”
Disrupting Operations for Fraud and Profit
In the manufacturing sector, time is money. Work stoppages are to be avoided at all costs, making manufacturers a prime target for ransomware actors. In addition, manufacturing partners are often privy to valuable intellectual property, such as blueprints and designs, which are attractive targets for online theft and cyber espionage.
To make matters worse, manufacturers face the same skills shortages as most global organizations and frequently lack adequate internal cybersecurity expertise. Even those with a dedicated security team often don’t have enough personnel for around-the-clock monitoring. As a result, they find it difficult to staff 24x7 teams with full visibility into — and control over — an attack surface that grows larger and more complex by the day.
“Initially, we were able to operate effectively with a smaller internal team,” Pua continues. “But as we grew, managing everything ourselves became increasingly less realistic. And because there are so many companies competing to hire cybersecurity professionals, expanding our team wasn’t really an option.”
Overcoming Industrial Growing Pains
From its Singapore headquarters, Sunningdale Tech manages more than 8,000 staff worldwide, with operations in North America, China, Europe, Malaysia, India, Indonesia, and Thailand.
“From a cybersecurity perspective, our size actually puts us at a bit of a disadvantage,” admits Pua. “Because much of Sunningdale Tech’s growth involves acquisitions, we’ve ingested multiple operating environments, each with its own distinct technology. As a result, our infrastructure not only spans much of the world, it’s also far from uniform.”
To address these challenges, Sunningdale Tech ultimately chose to deploy CylanceGUARD®, a 24x7 monitored MDR (managed detection and response) service. CylanceGUARD provides Sunningdale Tech with access to trained threat prevention experts through a subscription-based model. It also includes CylancePROTECT® as its endpoint protection platform (EPP) and CylanceOPTICS® for endpoint detection and response (EDR). Leveraging Cylance® artificial intelligence (AI), these two prevention-first solutions provide enhanced visibility and security against both current and future cyber threats in both OT and conventional IT environments, from ransomware to device-based attacks, with lightweight clients capable of operating entirely offline.
At the Leading Edge of Manufacturing Convergence
Despite the complexities of its global IT and OT environments, Sunningdale Tech was able to deploy BlackBerry’s integrated security solution across the entirety of its global manufacturing infrastructure. The results were almost immediate. Because Cylance AI can operate offline and requires minimal human intervention, it reduced Sunningdale Tech’s daily security alerts from 20,000 to fewer than ten.
Pua also notes that reliance on BlackBerry will considerably reduce the security risks of any future mergers and acquisitions by proactively identifying and mitigating potential threats that might come to light when assimilating new organizations into the Sunningdale Tech fold.
As valuable as BlackBerry’s technology has been to Sunningdale Tech, it’s BlackBerry’s team of seasoned cybersecurity professionals that has made the greatest difference for Pua.
“The cybersecurity labor market in Singapore is very, very challenging,” explains Pua. “Hiring enough people to staff a large team internally isn’t always feasible. Having managed EDR through BlackBerry eliminates a lot of that workload, and we’re able to continue operating with our original team.”
The experience level of security teams from a global MDR organization such as BlackBerry should not be underestimated, according to Pua. For in-house security staff defending a single organization, it’s often rare to deal with highly sophisticated intrusion attempts. But stopping those kinds of threats is exactly what BlackBerry does on a day-to-day basis, and providing that level of expertise in the form of 24x7 monitoring is something Sunningdale Tech values highly.
“BlackBerry keeps our employees safe,” he continues. “That’s what they do best. And that leaves us free to focus on doing what we do best.”
Building a Secure Factory Foundation
Collaboration with BlackBerry hasn’t just been beneficial for Sunningdale Tech’s security outlook. It’s also been a learning experience for everyone involved, as BlackBerry experts regularly share knowledge and ideas with Pua and his team. This ties directly to what Pua believes is the most important advice for anyone in manufacturing who may be struggling to contend with OT/IT convergence.
“Besides having proper endpoint protection, you also need the relevant skillset and a culture of cyber awareness throughout the whole company,” he states. “Cybersecurity isn’t just about technology; that’s just one part of it. You need cyber awareness, knowledge, communication, and — above all — people.
“If I had to give someone advice on how to build a secure foundation, I would say managed services is the only real solution,” Pua concludes. “Get a managed service provider as an extension of your team: It’s the best way to scale up, and it’s always good to have someone behind you. That’s what BlackBerry does for Sunningdale Tech.”
About Steve Kovsky
Steve Kovsky is former Editorial Director at BlackBerry.