6 steps the manufacturer of Arm & Hammer and OxiClean took to harden OT cybersecurity

The threat of cyberattack has never been higher, and nearly nine in 10 (88%) of security leaders believe their organization is not meeting the challenge of addressing security risks, according to the Foundry Security Priorities Study 2023. Manufacturing, in particular, is facing significant threats, with ransomware accounting for almost one-quarter of attacks (24%), according to Verizon’s 2023 Data Breach Investigations Report – Manufacturing Snapshot. 

It’s no longer a question of whether an attack will occur, but when, and the consequences of a successful attack can be dire. For example, the 2023 ransomware attack against Clorox caused order processing delays and product outages that reduced quarterly sales by 23% to 28%, which likely amounts to more than $500 million.

Church & Dwight is a $21 billion manufacturer of personal and household care products, including Arm & Hammer, OxiClean, and other well-known brands. In the early days of the pandemic, the company’s Chief Information Security Officer (CISO), David Ortiz, could see that security risk for manufacturers was only getting higher. To meet this challenge, he led a strategic effort to expand and harden cybersecurity at Church & Dwight to lower cybersecurity risk. 

“Specifically, we needed to better protect OT operations,” Ortiz explained. “At the core, that meant we needed more visibility across IT and OT (operational technology) networks.”

To accomplish this goal, Church & Dwight partnered with Rockwell Automation to serve as a trusted advisor. Ortiz and his team had deep cybersecurity experience, but for something as critical as OT cybersecurity, he wanted to make sure he had insight from specialists in the field.

Together, Rockwell and Church & Dwight conducted a rigorous audit of the network architecture, user privileges, and digital assets across manufacturing operations. They also led cybersecurity discovery workshops following the NIST Cybersecurity Framework across more than a dozen factories. These activities identified both vulnerabilities and strengths, which formed the basis of a prioritized risk reduction plan.  

“Our goal was to detect anything potentially malicious on our network,” Ortiz said. “We were laser-focused on this goal, not ‘boiling the ocean’ in terms of trying to improve every possible process upfront. This allowed us to partner with the manufacturing teams and not take up too much of their valuable resource time.”

Through the process of implementing their successful lean and phased implementation plan, the combined team took away six lessons for ensuring strong OT cybersecurity. 

1. Deploy a demilitarized zone (DMZ) to isolate OT systems from IT networks and the internet.
2. Further segment and harden networks to help protect high-value assets, data, systems, and applications.
3. Use specialized OT security tools to monitor and help protect OT systems, as well as to perform frequent asset inventories.
4. Keep OT devices updated using the latest security patches.
5. Train employees on OT security best practices.
6. Have an incident response plan in place to help you quickly respond to OT cybersecurity incidents, including steps to contain an incident, eradicate the threat, and recover from any damages.

Ortiz emphasized how important it is to work with a trusted advisor who not only understands cybersecurity but also has deep domain knowledge about your company’s business and its industry. Most of all, though, success depends on creating a partnership with people in operations and developing trust.

 “Be respectful of the manufacturing teams’ time,” Ortiz said, “but keep at it until you get all the information needed to correctly assess the environment. Don’t wait. The time is now to make investments in OT cybersecurity.”

Learn more here.