Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Rethinking Cybersecurity for the IIoT: Integrated, Automated and Adaptable

The rapid convergence of IT and OT is opening up cybersecurity gaps; the manufacturing sector will need to address this problem in the year ahead.
By Prakash Mana
Jan 12, 2020

Roughly 50 percent of industrial assets will be connected to some sort of network or Internet-based data-collection system by 2020, according to a report from IoT Analytics. While IT and OT traditionally operated in two separate worlds, the rapid convergence of the two is opening up cybersecurity gaps in manufacturing organizations. Because many OT systems were never designed for remote or Web access, not all connectivity exposures were considered.

As IoT and OT devices are increasingly being connected to OT environments, organizations are being exposed to attacks because these devices usually don't come with well-maintained or strong embedded security features. This is a major security challenge and operational risk that the manufacturing industry will need to address in 2020.

The rapid growth in cyberattacks and breaches comes at a time when the cybersecurity field is already facing a talent shortage and IT personnel are overwhelmed by their existing workloads. A survey conducted by nonprofit cybersecurity professional organization (ISC)2 found that nearly three million unfilled cybersecurity roles globally, with 63 percent of respondents saying that their organization is experiencing a shortage of IT employees. Fifty-nine percent said that the shortage was actively putting their business at risk, while nearly a third said they lacked the resources to do their jobs effectively.

As a result, many organizations with the most to gain from the Industrial Internet of Things (IIoT), particularly in the manufacturing, health-care and government sectors, are facing a catch-22 of being left behind by the Industry 4.0 revolution and having critical data compromised by insecure systems.

Traditionally, the enterprise has had a circular paradigm of exploring new equipment and systems to suit new business needs. As new systems are needed in the enterprise, the attack surface expands, exposing new vulnerabilities. When the risk becomes high enough, the enterprise looks for security tools that address the specific needs at the time. The amount of effort and the level of complexity for a security administrator to manage all these different tools is high, and often exposes organizations to visibility and controls gaps in what already amounts to a large attack surface.

With the IIoT, the attack surface will rapidly expand as entire factories are connected to make operations faster, more intelligence and more efficient. To keep up, the enterprise will need to approach cybersecurity from an orchestration perspective. Integrating security solutions that address the entire protection lifecycle—onboarding, monitoring, segregation and risk mitigation—can streamline the security-management process for maximum usability and enforcement. When controls can operate in tandem, they can support a Zero Trust model of verification before granting access.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations