pulp processing facility

Case Study

Improved Cybersecurity Helps Paper Mill Manufacturer Extend Control System Lifespan

Pulp and Paper Mill | North America

Knowing that their production control systems were outdated and vulnerable to cyber threats, this North American manufacturer also knew the upgrades would be quite expensive. Before making a large upgrade investment, this pulp and paper manufacturer commissioned a full OT cybersecurity risk assessment with Mission Secure for several of their paper mills and distribution facilities. They then partnered with Mission Secure to establish and deploy comprehensive OT network visibility, implement tighter network protections and segmentation, safeguard their vulnerable control systems, and temporarily deferred expensive control system upgrades.

Clear OT
Network Visibility

+
Stronger Operations Network Security
=
Extended Control System Life and Deferred Upgrade Investments

paper roll processing

The Customer

The customer is a leading innovator in paper and packaging design and production, with numerous distribution facilities and multiple paper mills across North America. With a broad portfolio of paper and packaging solutions, the customer is committed to operational excellence, environmental responsibility and exceptional customer service while trying to stay at the forefront of emerging pulp and paper industry technologies.

The Challenge

The customer was aware that their paper mills had outdated control systems equipment with existing operating system vulnerabilities that could no longer be patched. They were considering expensive system updates to eliminate these vulnerabilities and upgrade their control systems capabilities. However, before making these significant investments, they chose to conduct a full cybersecurity assessment to understand the risk posture in their OT networks and the full extent of security vulnerabilities in their production facilities.

Our dedication to innovation and the continued success of our customers is dependent on our ability to orchestrate our production effectively, decrease overhead and maintain market share. We needed to improve the security of our OT networks without negatively impacting the grueling demands of our daily operations.”
—Principal IT Security Engineer

The Comprehensive Cyber Solution

The customer engaged with Mission Secure to conduct comprehensive OT cybersecurity risk assessments for a number of their paper mills and distribution facilities. In addition to the previously known vulnerabilities and outdated control systems, the joint team also discovered:

  • Other unpatched control systems with vulnerabilities
  • Inconsistencies and misconfigurations across the OT networks
  • A high number of non-business devices like Rokus, Amazon Fire TV Sticks, and other personal wireless systems connected to the production networks added unnecessary risks
  • A high volume of external network traffic to and from foreign IP domains
  • The use of insecure protocols, including Remote Desktop Protocol (RDP)

Based on these assessment findings and the associated recommendations, the customer decided a more comprehensive cybersecurity solution was required instead of only upgrading their outdated control system equipment. The customer selected the Mission Secure OT Cybersecurity Platform and Managed Services for an initial project for two of their paper mills and a number of their distribution facilities. They would implement an OT network protection solution, with future deployment to the entire manufacturing operation at a later date.

The customer is now able to:

  • Protect critical, outdated control systems equipment and temporarily defer expensive upgrades
  • Maintain 24/7 visibility and cybersecurity monitoring of their operational networks
  • Prevent unauthorized internal network traffic and stop unauthorized/unknown external connections to and from foreign IP domains
  • Immediately identify, investigate and respond to cybersecurity risks

How OT Network Visibility and Stronger Network Security Helped Extend Control Systems Lifespan

OT Network Visibility icon

Clear OT Network Visibility

computer with security management and network security

Stronger Operations Network Security

icon-ot-field-operations-lead green

Extended Control System Life and Deferred Upgrade Investments

Clear OT Network Visibility

Before working with Mission Secure, the customer had limited knowledge of all networked devices on their OT networks. Now, they have comprehensive visibility into their paper mill and distribution facility networks. They now monitor and tightly control the network and third-party access and continuously:

  • Map their OT networks and discover and inventory connected assets
  • Monitor internal OT network communications and protocols and identify anomalous behaviors
  • Prevent, log, and alert on unauthorized and unidentified external connection attempts
By protecting and segmenting our OT networks, we were able to improve resilience and performance and isolate and secure outdated, vulnerable process control systems to minimize the risk of a potential breach.”
–Principal IT Security Engineer
refinery worker on tablet
Stronger Operations Network Security

Without a properly protected and segmented OT network, an organization gives potential attackers a bigger attack surface to inflict significant damage. In partnership with Mission Secure, the customer defined and deployed their network protections and segmentation, built a security policy tailored to their OT environment, and established baseline authorized OT network traffic. The customer:

  • Improved OT network performance and secured their networks by eliminating unauthorized and foreign communications
  • Eliminated unapproved employee BYOD devices (e.g., Roku, etc.) and other non-business devices from the production networks
Extended Control System Life and Deferred Upgrade Investments

Up against fierce competition in the paper industry, it is imperative that the customer keep their costs down and production running smoothly. Any cybersecurity breach, no matter how minor, can result in unplanned production disruption that can cost the customer up to $1 million per day per facility and can even impact health and safety measures. With Mission Secure, the customer has:

  • Implemented compensating controls to protect their vulnerable control systems until they can be updated
  • Extended the useful life of existing control systems and temporarily deferred expensive upgrades
  • Minimized possible network downtime and improved cybersecurity control in their critical production facilities while keeping costs to a minimum
Partnering with Mission Secure has helped us extend the life of our control systems and lower our anticipated costs. Our production networks now perform better than they have in some time. And we work directly with Mission Secure’s Managed Services team to tightly control our cybersecurity and maximize uptime.”
–Principal IT Security Engineer

Mission Secure Products and Services
Used by this Manufacturer

MISSION SECURE OT CYBERSECURITY PLATFORM:

This platform deployment included the Mission Secure Console and Console Appliances and was purpose-designed and quickly installed across several paper mills and distribution facilities with no disruption to operations providing operational OT network visibility, protection, and segmentation.

Mission Secure 24/7 Managed Services:

This customer leverages Mission Secure for 24/7 Managed Services to manage OT network visibility, protection, threat hunting, and incident response support for its deployment across their paper mills and distribution facilities.

Mission Secure Full Onsite OT Network Assessment:

These assessments included network monitoring, packet capture and assessment; penetration testing of the paper mill and distribution facility OT networks; resulting cybersecurity findings and recommendations report and executive presentation; and go forward design guidelines.

Protect Your Industrial Control Systems.

Stop cyber threats head-on and safeguard your operations
with 24/7 military strength and industrial-grade protection.

Get a Demo