Key Industrial IoT Security Considerations: Asset Management and Monitoring
The Industrial Internet of Things (IIoT) is revolutionizing manufacturing, driving efficiency, safety, and intelligence on the factory floor and across the supply chain. But so far, security strategies haven’t been keeping up with the momentum—and that’s a big problem when a single virus-infected device can bring production to a halt.
More than one-fifth of global businesses have fully adopted IIoT technologies, and another quarter are in trial stages, anticipating a revenue boost of a projected $154 million, according to a recent Inmarsat survey. Yet, the sheer volume of newly connected machines and devices can make securing it all uniquely difficult and time-consuming.
Burwood research shows that many IT leaders in the industrial sector are now grappling with increasingly urgent security questions. How can you gain control over an ever-growing array of authorized and unauthorized devices and software, when devices often are connected on a need-basis rather than according to the best networking practices? How can you ensure secure communication links for remote and embedded assets? How can you secure all that data from end to end?
Now is the time for proactive IIoT inventory and monitoring
Where IIoT is concerned, a key issue is that you can’t properly protect connected devices you don’t even know about.
That’s why many teams are actively seeking to improve asset inventory management, from plant walkthroughs to switch monitoring. Once you catalog and better understand each device function and location, you can create detailed infrastructure diagrams needed to ramp up network monitoring and security.
Asset management and monitoring will be key, considering the relative dearth of active monitoring we’re seeing in the sector today. According to a recent Deloitte survey, 50 percent of organizations conduct vulnerability testing for industrial control systems less than once a month, and another 31 percent have never even completed an assessment (this is common practice due to the response from IIoT devices when being probed by vulnerability scanners). In addition, more than a third—37 percent—of respondents say their cyber-response strategies do not cover IoT products at all.
By improving inventory and monitoring practices, IT teams can gain important visibility into devices and data, and help shut out unauthorized access.
Next steps: Segment the network, and then round up the allies
Many industrial manufacturing IT teams can also benefit from network segmentation. Separating the production network from other plant systems can help prevent a single breach from affecting an entire network.
Recently, for example, one global manufacturer set out to separate out its sales and administrative systems from the devices on its manufacturing floors that required intricate protection. We helped the company re-engineer the network with new routers, switches and next-generation firewalls to create a business and administrative segment and the production segment. As a result, the company could more clearly see application and network activity, and achieve a more robust security posture across the organization.
Security is rarely just a matter of protecting a single device or piece of data. On an automated shop floor, cybersecurity can also bring heightened productivity and reduced likelihood of operational disruption. Fewer disruptions mean more revenue, which is why IIoT security should concern the C-suite as much as it concerns the IT team.
While implementing cybersecurity protocols, it may well be worth the while to break down silos between departments. Stay tuned for an upcoming blog post on the benefits and potential pitfalls of IT-operations team collaboration.