Boston Beer has modernised IT and OT cybersecurity using Dragos systems, achieving 100 per cent ROI in year one amid growing cyber risks.
With the growing adoption of automation, interconnected devices, and digital technologies in manufacturing, the risk of cyber threats has become a pressing concern.
For Boston Beer, the increasing complexity of its systems and the expansion into operational technology (OT) environments have added new layers of vulnerability. Struggling to keep pace with the resource demands of maintaining and securing these systems, Boston Beer identified the need for the modernisation of its corporate IT and OT security strategies to stay ahead of evolving threats.
Achieving 100 per cent ROI in year one
Founded in 1984 by Jim Koch, The Boston Beer Company – the maker of brands like Samuel Adams, Dogfish Head, Truly, Twisted Tea, and Angry Orchard – began with a lager recipe passed down from his great-great-grandfather.
Forty years later, Boston Beer has produced 111 million cases of beer, welcomed almost two million visitors to Boston Beer properties, and continues to redefine how the world experiences high-quality beer and seltzer.
When Brandon Catalan joined Boston Beer in 2021 as chief information security officer (CISO), the company had invested in IT cybersecurity programs, but it struggled to keep up with the resource demands required to maintain its systems, let alone focus on expanding into its OT environment.
As a result, corporate IT security and OT security at the company’s breweries and its overall operational infrastructure were key targets for modernisation.
“We’re not just a beer company; we’re a manufacturing company. If we lose the ability to brew, bottle, and can, then we’re out of business,” said Catalan.
The manufacturing sector is vulnerable to operational risks due to the nature of cyber threats targeting operations technology systems. These risks threaten the integrity of IT systems and pose dangers to OT environments, potentially leading to physical damage, production downtime, financial losses, and safety hazards.
The shift towards greater IT-OT integration and remote access has amplified these risks, exposing critical infrastructure to advanced cyberattacks by actors, including ransomware gangs, criminal organisations, and state-sponsored entities. These actors evolve their tactics to exploit vulnerabilities and native functionality, highlighting the need for cybersecurity measures.
The interconnectedness of the global supply chain introduces additional risk and exposure, with a single compromised component potentially impacting countless devices and systems across multiple manufacturers.
The most recent Dragos Year in Review underscores the severity of the situation, noting a nearly 50 per cent increase in ransomware attacks targeting the manufacturing sector in 2023 alone. High-profile cases underscore the extensive financial and operational impacts of such incidents. The findings emphasise the importance of implementing strict network segmentation, enhancing security protocols, and fostering a collaborative approach to cybersecurity across the supply chain to mitigate these pervasive and evolving threats.
Understanding OT risk and prioritising the security of these environments was the first step for Boston Beer.
The next step was for Catalan to align the perspectives and resources of the company’s leadership and board.
Tabletop ransomware simulation
Boston Beer leadership tasked Catalan with building a robust IT and OT cybersecurity program from the ground up. Catalan began by running a strategic tabletop exercise with the C-suite and the Board that simulated a ransomware scenario on the manufacturing side of the house.
The exercise covered the effects of an attack on every aspect of the business, from the cost of losing three days of production to reputation management to legal and HR implications. The impact was dramatic.
“The tabletop exercise demonstrated how vulnerable we were and got us executive backing and buy-in,” said Catalan.
“After that, whenever the CISO asked for assistance, it became the top priority.”
The exercise also prompted a search for the right OT cybersecurity platform for Boston Beer Co.
Catalan evaluated several vendors but ultimately chose Dragos, citing their ability to “talk the talk and walk the walk.”
“The executive team asked me what I needed, and I pointed to Dragos and said, ‘I need this.’ When you want to make a difference, and you’re not willing to gamble, you go with the Cadillac. That is Dragos,” he said.
Key benefits of OT watch; Dragos’ OT cybersecurity system
Early detection of threats: Using industry-leading threat inputs, including proprietary threat intelligence, OT Watch proactively hunts for sophisticated threats that bypass traditional security measures, reducing potential adversary dwell time in customer environments and mitigating impact of attempted attacks.
Improve response time: OT Watch prioritises suspicious detections within the Dragos Platform and provides the human expertise to escalate high impact threats promptly with actionable guidance.
Identifying misconfigurations: While hunting operations, OT Watch often finds network, system and application misconfigurations, thus optimising security posture and limiting attack exposure.
Proactive risk mitigation: Proactive threat hunting enables a focused response to high probability threats to reduce risk to the business.
Collective power: Customers benefit from the shared insights across the OT Watch client base and enhance their security posture by leveraging expert industrial threat hunters to augment their team.
Health and tuning for the Dragos platform: With OT Watch Premium, customers gain regular platform health support and asset, zone, and alert tuning of the Dragos Platform to maintain peak performance.
