- Contact Us
When brainstorming blog topics, it often helps to find intersections between your profession and your personal interests. In this case, that intersection is cybersecurity and brewing beer, respectively. But what could beer possibly have to do with cybersecurity?
In the home brewing of beer, the only ingredients you typically need are water, grain, hops, yeast, and time! Start with the steeping of grains to extract the sugars, add a little bit of hops (or a lot for an IPA), pitch some yeast, seal it, and wait 2 weeks. That’s the simplified version of at-home brewing.
In a professional brewing operation, it is done about the same way but at a much larger scale. It is also performed in a much more exacting and precise process. Some professional brewing operations are using hundreds of pounds of grain and gallons of yeast. Their water is typically filtered, with additives to bring the water up to an exact standard for the beer that is being brewed. All these processes are often controlled by computers and programmable logic controller (PLC) devices. These PLCs control all types of flows and vents throughout the brewing, fermentation, and bottling/canning operations.
As a home brewer, you’re probably performing your boil in a 6 to 8 gallon lobster pot and playing with the burner to either keep your mash at the right temperature or to keep it from boiling over and causing a mess. In the professional operations, all of this is controlled by PLCs. These PLCs can raise or lower the heat.
Fermentation for a home brewer is a crapshoot. Individuals will often ask themselves, “how cool is my basement?”. We usually have a range that we are shooting for, but what we get is what we get. In the professional operations, the fermenters are hundreds of gallons and are cooled by glycol. These fermenters and the glycol are controlled by PLCs. These breweries are looking to replicate the same brewing process over and over again. You don’t often find that your favorite beer suddenly tastes different, right? The PLCs help in that process and monitor the whole operation.
As a home brewer, we siphon the beer from the fermenter over to the bottling buck after we’ve added some sugar. We use gravity to fill our bottles and cap them by hand. In the professional operations, the feeding of cans or bottles is usually done on a canning line that is all automated. A specific amount of nitrogen is added to the can or bottle, to remove air. The cans or bottles are filled to a specific level, sealed, weighed, and packaged. This bottling/canning operation is also often controlled by PLCs.
At this point, you may be asking yourself, “What does any of this have to do with cybersecurity?”. If you have followed the news lately, you’d know that hackers are utilizing ransomware to extort businesses in nearly every sector across the country. Think of the damage to the manufacturing process that could be caused by hacking into a brewery’s PLC environment. Or worse, the loss of reputation and brand image after a successful cyberattack, even if the affected batches of beer never left the brewery. These environments are often not equipped with IT departments and do not typically perform vulnerability scanning and penetration testing on any schedule. The way I see it, breweries represent low hanging fruit for cyber criminals.
Unfortunately, cyber criminals have already begun picking some of this fruit. In June of 2020, Australia’s Lion Brewery fell victim to a ransomware attack that took their breweries offline for an extended period of time. In November of 2020, Italian liquor and spirits company Campari Group (owner of over 50 global brands including SKYY Vodka, Aperol, Wild Turkey, etc) suffered an apparent ransomware attack forcing their IT services offline. And this past March, Molson Coors announced that they had experienced a "cybersecurity incident" that had disrupted operations and beer production, continuing to say that delays in shipments were likely as they worked to bring systems back online. Molson Coors owns popular brands including the Coors, Miller, Molson Canadian, Blue Moon, Peroni, Grolsch, Killian's, and Foster's.
This list will continue to grow until breweries, distilleries, and all manufacturing organizations begin to foster a culture of cybersecurity awareness and maturity. Compass IT Compliance has worked with beverage and manufacturing companies across the nation to develop and enhance cybersecurity programs and identify vulnerabilities before a ransomware attack occurs. Contact us today to learn more and discuss your unique situation! And in the meantime, here is a good recipe I use when brewing Irish red ale:
Irish Red Ale
(5 gallons/19 L, all-grain)
OG = 1.053 (13.2 °P) FG = 1.014 (3.5 °P) IBU = 25 SRM = 18 ABV = 5.2%
Step by Step
Mill the grains and dough-in targeting a mash of around 1.5 quarts of water to 1 pound of grain (a liquor-to-grist ratio of about 3:1 by weight) and a temperature of 153 °F (67 °C). Hold the mash at 153 °F (67 °C) until enzymatic conversion is complete. Raise the temperature to mash out at 168 °F (76 °C). Sparge slowly with 170 °F (77 °C) water, collecting wort until the pre-boil kettle volume is around 6.5 gallons (24.6 L) and the gravity is 1.041 (10.3 °P).
The total wort boil time is 90 minutes. Add the bittering hops with 60 minutes remaining in the boil. Add Irish moss or other kettle finings with 15 minutes left in the boil. Chill the wort rapidly to 66 °F (19 °C), let the break material settle, rack to the fermenter and aerate thoroughly. Pitch the yeast. Use 10 grams of properly rehydrated dry yeast, 2 liquid yeast packages, or make an appropriate yeast starter. Ferment the wort at 66 °F (19 °C). When the fermentation is finished, carbonate the beer from 2 to 2.5 volumes.