Cybersecurity is becoming an increasing concern for companies in the packaging industry as digitalisation increases the risk of attack.
A similar trend is being seen across many sectors, and the themes most dominating thinking within the packaging industry are focussed around sustainability.
In 2023, for example, ‘ESG’ (environmental, social and governance) was the most mentioned theme in company filings within the packaging industry – over 322,000 times, GlobalData analytics show. ‘Environment’, ‘climate change’, ‘carbon emissions’, ‘sustainability & ethics’, ‘circular economy’ and ‘circular plastic economy’ all featured in the top 20 most mentioned themes.
However, ‘digitalisation’ was the 18th most mentioned theme, and its trend is tracked closely by ‘cybersecurity’ in 20th.
Digitality breeds attempts
It follows, of course, that digitalisation leads to more cyber attacks because it brings more company assets online. However, businesses are not always aware of the risk this poses – or indeed the possible threat routes therein. Businesses across sectors typically recognise threats like email phishing or data breaches, but there are a growing number of which many simply aren’t aware.
As Barry O’Connell, senior vice president and general manager for EMEA at managed detection and response firm Trustwave explained to Inside Packaging’s sister publication Verdict earlier this year: “What [organisations] are finding now is that the attack surface is much, much larger than they thought it was originally. It's not just your PCs, it's now your operational controls and your factories or your oil refinery or whatever it might be – that is now is now part of that attack surface.”
For the packaging sector, one such threat is posed by smart machinery. Historically, machinery was purely mechanical. Today, however, it is increasingly connected, and that opens the door to potential attacks that can bring manufacturing operations to a halt.
Rory Gopsill, senior analyst at GlobalData, explains: “Connected machines are certainly a potential area of weakness. One of the problems international companies are facing is that they have lots of production facilities around the world, all of which contain lots of different connected machines and systems that often differ in vendor and installation date.
“This means it can be very difficult for these big companies to maintain visibility over their machines and systems (i.e. the attack surface for threat actors) and to coordinate security practices in any simple way.”
Cyber pains in supply chains
Indeed, cyber threats to packaging companies as a result of digitalisation don’t only come from within. GlobalData’s latest Cybersecurity in Packaging report noted that digitalisation has led to threats from elsewhere in the supply chain.
The manufacturing sector is rapidly becoming digitalised …” it explained. “This shift towards adopting technology throughout the supply chain has brought manufacturing to new levels of efficiency and productivity.
“However, the packaging sector’s digitalisation is moving faster than the pace of its cybersecurity adoption. Manufacturers are keen to adopt innovations that could streamline their processes but typically do not give enough consideration to cybersecurity. This results in vulnerable networks that are likely to be targets of intrusion and tampering from outside forces.”