While cybersecurity risks may seem only within the purview of enterprise systems and critical infrastructure—such as the power grid, wastewater and transportation—the reality of it is that cybersecurity is often more critical at the industrial control system (ICS) level—and in the food and beverage industry, there are too many gaps in protection.
Unfortunately the number of vulnerabilities to sensitive ICS equipment isn’t improving. These vulnerabilities are largely caused either by “zero day” holes in vendor ICS equipment or the lack of an effective vendor software/firmware patch—or a patch that hasn’t been applied by the end user, a food or beverage processor or other manufacturer. A zero day hole is a vulnerability yet to be discovered by the ICS vendor, but may have already been found and exploited by an attacker.