Critical Security Challenges Facing IIoT

Kymera Systems

 

Mar 19, 2018

By Will Mapp, Kymera Systems

The Industrial Internet of Things (IIoT), also known as the Industrial Internet, is transforming the way innovative businesses collect and share data. IIoT combines machine-to-machine (M2M) communication, industrial big data analytics, human machine interface, and data acquisition to drive smarter, faster business decisions and powerful outcomes for enterprises of any size.

From the looks of it, this digital transformation is here to stay. According a recent report by IDC, worldwide spending on IIoT is forecast to reach US$1.29 trillion in 2020.
As the scope of connectivity between devices continues to expand in industries such as oil, gas, power generation and healthcare, so does the potential for cyber security events that can carry serious risks. In safety-critical environments, any system failure or unplanned downtime can result in a high-risk situation or life-threatening emergency.
While several measures are being taken to prevent security breaches at the device level and beyond, there is still work to be done to educate consumers and ensure the security of embedded devices. Here we outline the top security concerns organizations should consider when building out their IIoT infrastructure.

Network security

With a wider range of communication protocols, standards and device capabilities, IIoT network security is more challenging than traditional network security. To best protect assets and communication links, IT organizations should implement a flexible security framework that allows them to closely monitor network growth and quickly allocate security tools needed to ensure the proper functioning of their systems should they come under attack. No new devices should be allowed on the network until hardware, manufacturer details and platform security have been thoroughly assessed for compliance.

Authentication

Businesses cannot protect sensitive data that is being shared or transactions being conducted if they can’t be sure (or at least reasonably confident) of the IIoT entity they are communicating with. Therefore, offering every “thing” a unique identity should be the foundation of any security strategy. IIoT authentication requires a layered, standards-based security approach that constantly changes as new challenges arise. One security technology that meets those requirements is Public Key Infrastructure (PKI). PKI has been securing network connected devices by delivering trust and high assurance for decades already, making it ideal for managing IIoT device identities.

Outdated device software

Consumers are at risk anytime they are using software that has not been updated to fight off security attacks. Companies that are serious about the safety of their customers must ensure the devices they design have the IO and storage needed for firmware updates and commit to running all necessary updates throughout the device lifecycle.
Consumer agreements

A Deloitte survey found that over 90% of consumers accept legal terms and conditions without reading them. When thinking about IIoT security, it is important to remember that the first line of defence is your organization. To ensure the safety of your network, do not allow employees to experiment with random new devices within the network and thoroughly read through any agreement before receiving a device to understand how data will be shared and kept safe.

Data security

The sheer amount of data that IoT devices can generate is staggering. A Federal Trade Commission report entitled Internet of Things: Privacy & Security in a Connected World found that fewer than 10,000 households can generate 150 million discrete data points every day. Planet Technology estimates that 25 billion IoT devices will generate 1.6 billion terabytes of data by 2020.

With this onslaught of information comes a new and increasingly complex challenge to corporations to ensure data is securely collected and integrity is maintained as data moves from device sensors, over the company gateway, through servers/applications, into the data centre and, eventually, into storage. Insecurity at any point in this process can lead to erroneous or altered streams that can compromise the validity of the data coming over the gateway.

When you are mapping out your IIoT strategy, it is important to think through the real aspects of what you are trying to accomplish and how you plan to use the data you are collecting. How will you ensure the accuracy of the data you are measuring? What steps will you take to maintain the security and integrity of data as it flows throughout your system? What data will you save and for how long?

A well thought out strategy will keep your handling and retention policies aligned to the new reality this type of data presents while keeping your customers information protected.

Summary

Any business that wants in on a bigger piece of IIoT real estate must understand the critical security risks and implications presented in this space and use that knowledge to adapt solutions to their specific needs.

Depending on the level of data security and compliance your organization requires, it may be appropriate to consider hiring a security consultant or cyber security expert to develop a comprehensive security strategy for your IIoT infrastructure.

Source: http://kymerasystems.com/2017/11/22/critical-security-challenges-facing-iiot/

 

Related Articles

Latest Articles

Changing Scene

  • Siemens to Establish Global AI Manufacturing Technologies R&D Center for Battery & EV Production in Canada

    Siemens to Establish Global AI Manufacturing Technologies R&D Center for Battery & EV Production in Canada

    May 26, 2025 Siemens will invest CAD $150 million over five years to establish a Global AI Manufacturing Technologies Research and Development (R&D) Center for Battery Production in Canada. The new R&D center, located initially at Siemens Canada’s head office in Oakville, as well as in Toronto and Kitchener-Waterloo, Ontario, will focus on developing cutting-edge AI manufacturing technologies with an initial emphasis… Read More…

  • Honda Postponing Ontario EV Supply Chain Investment by Two Years

    Honda Postponing Ontario EV Supply Chain Investment by Two Years

    May 26, 2025 Honda is postponing its plan to invest in a comprehensive EV supply chain in Ontario. The CBC reported that the investment is being push back by two years. “Due to the recent slowdown of the EV market, Honda Motor has announced an approximate two-year postponement of the comprehensive value chain investment project in Canada…. Read More…

  • Serge Leblanc Named Sonepar Canada Interim President

    Serge Leblanc Named Sonepar Canada Interim President

    May 26, 2025 George McClean, former President of Sonepar Canada, has decided to leave Sonepar for an opportunity outside of the electrical industry. Serge Leblanc, current President of Lumen Canada, has been appointed interim President of Sonepar Canada. Leblanc will manage both responsibilities until a successor is named.  Leblanc joined Lumen in 1997 and has… Read More…

  • Ontario Building and Construction Tradeswomen Head to Queens Park to Advocate for Safer, More Inclusive Job Sites

    Ontario Building and Construction Tradeswomen Head to Queens Park to Advocate for Safer, More Inclusive Job Sites

    May 26, 2025 On Monday, May 26, the Ontario Building and Construction Tradeswomen (OBCT), will host its first-ever Advocacy Day at Queen’s Park. Tradeswomen from across the province will gather to meet with Members of Provincial Parliament, including Minister of Labour David Piccini, to advocate for progress in the skilled trades for tradeswomen. OBCT’s top priorities include:… Read More…