On November 25th, ISPE's CoP GAMP and Automation was virtually organised to discuss the positioning of GAMP in the light of the new approach of the FDA guidance. In addition, an interesting roundtable was held with the participation of important companies in the pharmaceutical sector, to try to answer the questions still posed by the arrival of digitisation in industrial processes.
- TAKEDA – Sergio Torralbo
- NORMON – José Luís Jiménez
- ALMIRALL – David Garcia Ontiveros
- OTPOINT – Diego Martín
The roundtable began by explaining the key reasons why cybersecurity has become an essential factor for industry due to the changes brought about by digitalisation. The industrial environment has historically followed its own path, but in recent years, industrial networks have begun a complete convergence with IT systems. This integration has given rise to new opportunities, and the associated risks need to be mitigated because now, as the industrial environment is connected to other networks, a security incident could quickly move to an OT environment and vice versa.
The conflict of interest that this new situation has generated was then discussed. The fact that IT and OT inhabit different parts of the business has meant that their convergence is a topic that brings several perspectives. In addition, IT Security is not always familiar with the automation environment and its needs, and as a consequence, several points of view were presented on how to manage industrial cyber security projects, including the creation of an cross-functional group with experts from different areas, in order to give a holistic IT/OT approach to cyber security. It was also discussed how to manage security updates in production systems or how to deal with obsolescence projects.
Examples of good cybersecurity practices in OT were highlighted, and finally, the importance of awareness campaigns for employees operating in the OT environment was emphasised.