Securing the line — without stopping it
The meat-production industry depends heavily on Industrial Control Systems (ICS) to optimize operations, boost efficiency and guarantee product quality. As the threat landscape expands, safeguarding those systems has become an urgent priority. Our client — a leading player in the sector — ran complex machinery, automated systems and interconnected devices controlling every stage of production, from slaughtering to packaging, and recognized the need to bolster its ICS security. Used correctly, purple teaming lets an organization find where the gaps are in its controls and fix them, cost-effectively.
Five challenges unique to ICS
- 01Legacy systemsincompatible with modern security controls. 26,000 ICS vulnerabilities were reported in 2023, and older systems may no longer be supported by the manufacturer — so they never receive updates without costly extended-life agreements.
- 02Rising cyber threatsattacks on industrial environments lead to production disruption, financial loss and reputational damage. The best-known attack on a meat processor, on JBS, ended in an $11M ransom.
- 03Regulatory compliancethe Food Safety Modernization Act (FSMA) requires preventive controls against intentional adulteration, including cyber attacks that could compromise product safety; the Farm and Food Cybersecurity Act followed.
- 04Reliabilitydowntime is not acceptable in this environment — every implication carries a financial impact, so any testing has to be extremely cautious, a concern heightened by the legacy systems.
- 05Specialized equipmentproprietary protocols, engineering tools and operational technologies unique to ICS demand a specialist understanding of the risk they pose to the operating assets and the company as a whole.
Why purple team
A purple team runs red-team offensive testing live, alongside blue-team defensive assessment and remediation. It fit this environment for four reasons. It reduced risk — the operations team was fully aware of, and involved in, every aspect of testing. It increased ROI on the security tools the client already owned, which we found were not being used to their full potential. It improved defense, lowering the probability that an external attacker with a foothold could disrupt operations. And it was cost-effective — the benefits of a red team, with a real-time assessment of controls and fixes applied as problems were found.
What the purple team fixed
- 01Network segmentationsome segmentation had been implemented, but gaps allowed lateral movement of threats within the ICS network. These were remediated and the movement closed off.
- 02Security updates & patch managementmissing patches were identified and their exploitability determined. Where patching wasn’t possible, detective controls were reviewed and put in place instead.
- 03Incident responsean ICS incident-response plan is not the same as a typical infrastructure plan — a failure can carry real physical-safety impact. The gaps were remediated and the plan retested.
Securing Industrial Control Systems in meat production is a critical undertaking that takes a proactive, comprehensive strategy. As cyber threats continue to evolve, and budgets stay flat or shrink, the benefits of purple teaming only become clearer.