Interview

Packaging companies must protect production lines from cyberattacks –analyst

By bringing more of packaging companies' assets online, digitalisation has increased the risk of cyberattacks in the sector, as GlobalData senior analyst Rory Gopsill tells Stu Robarts.

Rory Gopsill, senior analyst at GlobalData

D​​​​​​​igitalisation within the packaging industry over recent years has increased productivity and efficiency, but it also brings with it new cybersecurity threats. 

By bringing more of a company’s assets online, digitalisation increases the potential attack surface and means that businesses must take greater protective measures. Threats today don’t just include back-office email phishing and data leaks but also the potential for attacks against connected machinery and attacks elsewhere in the supply chain that can have a knock-on effect. 

Here, GlobalData senior analyst Rory Gopsill outlines the rise and benefits of digitalisation, as well as the increased threats packaging companies face as a result of it. 

Stu Robarts: How has digitalisation changed the packaging industry?

Rory Gopsill: Digitalisation has underpinned smart manufacturing for packaging companies. Digitalising production has enabled packaging companies to improve cost efficiencies by optimising and automating industrial processes. It has also transformed essential business processes, such as supply chain management and customer relations management, by enabling tasks to be automated and decisions to be based on analysis of big data.

Stu Robarts: To what extent has digitalisation given rise to new cyber threats within the sector?

Rory Gopsill: Digitalisation and the emergence of the internet effectively created cyber threats as we understand them. A Victorian steam engine can't be hacked, but an internet-connected logistics robot can be. The internet is as much the enabler of hacking as it is of modern packaging operations.

Stu Robarts: What are the main cybersecurity threats within the sector?

Rory Gopsill: ​​​​​​​Production lines are one point of attack that packaging companies must protect. Packaging production often relies on internet-connected machines, which can be hacked if not properly protected.  

One of the problems international companies are facing is that they have lots of production facilities around the world, all of which contain lots of different connected machines and systems that often differ in vendor and installation date. This means it can be very difficult for these big companies to maintain visibility over their machines and systems (i.e. the attack surface for threat actors) and to coordinate security practices in any simple way.  

From a corporate point of view, packaging companies rely on humans as much as any other sector, and humans are fallible. It can take just one employee clicking on a link in a phishing email for threat actors to gain access to the company's corporate network and wreak havoc, steal information, and ultimately cause the company financial damage. 

Stu Robarts: To what extent has AI brought about new cybersecurity threats within the sector?

Rory Gopsill: Artificial intelligence (AI) has been around for a long time and has been integrated into packaging business operations for a long time. AI has been a key part of the digitalisation trend, which (as stated) has contributed significantly to the growth in cyber threats by transferring control and decision-making apparatus to online environments. Recent developments in AI could create new threats in the form of hackers using the technology to improve their attacks.