Originally published on Industry 4.0 Blog by Omaelk | March 04, 2020 04:23 PM
Forrester’s Predictions 2020: The Internet of Things report has an eye-opening forecast on cybercrime for the coming year – an IoT prediction that demands that we collectively consider how to strengthen OT security.
" We cannot close the door on connectivity’s many benefits. It’s clear that connectivity across people, assets, and systems empowers us to make full use of extracted data to improve operations and processes. "
This is especially true as the line between IT and OT blurs as companies sync up operations to leverage real-time monitoring, data-driven business models, cloud-based and edge analytics, digital twins of industrial processes, a seamless digital ecosystem from shop floor to back-office business processes, and more.
According to the State of Industrial Cybersecurity 2019 report, about “70% of companies surveyed consider an attack on their OT/ICS infrastructure likely.” What are some of the inherent risks to address now before these attacks manifest?
Every connected device is associated with an endpoint that hackers could pinpoint to infiltrate and manipulate the entire digital ecosystem. Think about this: today’s smart factories now have hundreds —and even thousands — of connected sensors. A holistic approach to cybersecurity — from product security to supply chain protection — is imperative.
Many of the systems that control the world’s most critical operations were installed and developed decades ago before the rise of the industrial IoT (IIoT), and they were intended for long-term use. As digitization proliferates rapidly, assessing the risk of legacy systems is critical, and an end-to-end cybersecurity plan should address both new and aging systems.
Unlike IT attacks, which typically aim for the biggest number of users, OT attacks tend to target a specific weakness within a single target. This approach requires specific paths of protection, as widespread defensive measures such as antiviruses are not commonly applicable or even could incapacitate the device itself. What’s more, disconnecting the affected system often is too complex in factory environments.
It’s very common for external vendors/field service engineers to be granted privileges to access OT devices through their own laptops and USB devices, the internet, or fully hosted environments with little control. This broader access poses risk even if there is no inherent malicious intent. The attack surface widens with each connected laptop or thumb drive.
A multi-lingual Global Marketing & Digital Communication/Community Management specialist, mostly involved in Sales enablement & Digital transformation. Born in Morocco, grown up in France, studied in England, worked in the US, I like to consider myself as a world citizen who treasures relationship building, intellectual curiosity & learning agility.
All registered members have full access to the Exchange Community and can post comments and start topics.
Discuss challenges in energy and automation with 30,000+ experts and peers.
Find answers in 10,000+ support articles to help solve your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!