Smarten up to cyber security

Register for Free  Sign In

According to a recent study by Deloitte – The Fourth Industrial Revolution is here. Are you ready? – just 20.7% of manufacturers rated themselves as ‘highly prepared’ for Industry 4.0, despite the benefits of connected technology being well documented. Smart technology can help organisations to make informed decisions that can turn a business into a predictor rather than a reactor. 

One reason, which still deters some food manufacturers – in particular SMEs – from taking the digital plunge, is the risk of a cybersecurity breach. Indeed, as more food processing equipment gains connectivity capabilities, so the threat of data breaches grows. 

Despite this, the benefits of transitioning from on-premises, hard copy data to a digital, cloud-based food quality management system are manifold – including increased accessibility and the ability to manage and use data in a more sophisticated way. 

Today’s ‘smart’, connected metal detectors allow immediate and remote access, making it possible to view current equipment status and take any necessary action to ensure continued, smooth production. Production managers can review and compare operational data, helping to identify trends and patterns which can help to increase productivity and improve operational efficiency. 

The addition of remote management solutions to quality control equipment allows operations to be managed from anywhere in the world using smart devices. Today equipment is available that can be connected wirelessly, using back-end SQLs to monitor activity and generate reports.

Despite fears of cybersecurity breaches, the risks of using paper records can actually be greater than digital data. Not only can manually collated information be incorrectly recorded, forgotten or lost, results can also be deliberately falsified. If a food producer cannot prove when and where inspection of products took place, they may be unable to demonstrate HACCP compliance and could be forced to re-inspect an entire batch. This not only slows down production, at worst it could trigger a product recall. 

However, Cloud-based records will be instantly available to demonstrate when and where testing took place. Some models even comprise automatic testing functions, which helps ensure the reliability and efficiency of the inspection equipment with minimal operator intervention. 

Furthermore, if product contamination is found, comprehensive digital records also help to limit the incident and streamline the investigation by eliminating locations and timeframes.

In order to ensure that smart equipment does not leave companies vulnerable to an attack from either external or internal threats, regular consultation with an IT specialist is essential. However, there are some simple ways to help mitigate the risks.

The most important line of defence is to keep networks separate. This could involve setting up a corporate network for areas such as finance and HR functions, and an industrial network, which governs the operational side of the business that keeps the factory running. 

Since the advent of the Internet of Things (IoT), there has been a rise in outside companies requiring access to internal networks. This could be to collect the data that’s being recorded, in order to improve systems and processes, or to open the control of whatever that appliance does. For example, if a metal detector has a fault, the supplier may request remote access to the machine to rapidly fix it and reduce downtime.  

To protect against unwanted threats it is advisable that food producers apply the principal of least privilege. “This means never giving a user more access than they need to perform their task.” 

One way to do this is to create a third network. Known as a DMZ, this third network acts as a secure path between internal networks and the external network. By only opening the particular ports needed to communicate on one network at a time, it ring-fences the rest of an organisation’s data and operational controls, and alleviates much of the risk.

Separating networks and limiting third-party access should cut the threat of an outside body infiltrating digital framework by approximately 90%. Yet, while the risk from ransomware, phishers and hackers should not be underestimated, the greatest risk regarding connected equipment is more likely to come internally. 

To mitigate this, it is important to design any system with traceability in mind. Some of the latest metal detectors come with user-specific login details. If an operator wants to make a change to the operational status or machine settings, they must first input their username and password, which is recorded onto a database and stored locally or in the Cloud. 

Being able to recall information regarding the person that actioned any changes, what they did and when they did it provides complete traceability. It also reduces the likelihood of internal cybersecurity breaches occurring in the first place.

As more equipment in the food factory becomes connected, increasing volumes of data will afford operators and suppliers ever greater control, improving efficiency, ensuring food safety and providing full traceability. Increased cybersecurity measures need to go hand in hand with this and it needs to become more sophisticated as connectivity grows.