Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Rethinking Cybersecurity for the IIoT: Integrated, Automated and Adaptable

The rapid convergence of IT and OT is opening up cybersecurity gaps; the manufacturing sector will need to address this problem in the year ahead.
By Prakash Mana

This orchestration will ensure a variety of safe measures, such as negating malware being introduced to the environment and providing more granular, segregated system access. With Zero Trust, every user, device, system, communication and piece of infrastructure is vetted before being allowed least-privilege access. By focusing on endpoint and access management, the attack surface is minimized even as the IIoT connectivity scales across the enterprise.

Another serious security consideration for the IIoT is regulatory compliance. After years of haplessly watching technology race ahead of regulation, governments around the world have started to enact regulations to protect consumers and mitigate security risk. A big focus for those adopting IIoT technology will be the increase in compliance requirements around IoT and IIoT devices as they proliferate in corporate networks and OT environments. It is one thing to see home video security systems like Ring compromised, but it is another when corporate HVAC or lighting systems are exposed.

When organizations do not know where a device is on their network, or who is accessing it and what it is communicating with, that poses severe risks. As a growing number of organizations adopt IoT and IIoT devices in the workforce, there needs to be security policy and controls in place. In the United States, much of this regulatory reform has been spearheaded by the state of California, which recently passed SB-327, the first law to cover IoT devices. The law took effect on Jan. 1, 2020, and regulators around the world will certainly be watching to see how effective the legislation is at reducing IoT device security issues.

For industries like health care, energy and government, these regulatory changes will further necessitate secure access, endpoint and device security control synchronization. As such, orchestration will be crucial to maintaining compliance as these regulations will surely evolve.

IIoT governance is rapidly reaching a make-or-break moment at a time when cybersecurity is also facing serious challenges. To manage the risk, the enterprise will need to shift away from isolated security solutions that only address one particular threat and look to more integrated, interoperable solutions that can be orchestrated to protect the enterprise across a wide range of attack vectors and business needed. In 2020, manufacturing and other industrial equipment-dependent organizations must explore processes, policies and technologies with their security peers to enact coordinated discovery, provisioning, monitoring, enforcement and threat response capabilities.

Prakash Mana, the chief portfolio officer at Pulse Secure, is responsible for delivering the company's Secure Access vision, defining product strategy and roadmap, and operationalizing different go-to-market motions. Prakash has more than 15 years of experience building networking and security products. Most recently, he was the director of product management at Citrix, where he was responsible for security and gateway business. He holds BE and MS degrees in electrical engineering and an MBA from Carnegie Mellon.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations