Manage Learn to apply best practices and optimize your operations.

Properly managing IIoT systems to prevent cyberattacks

According to the McKinsey Global Institute, it will be the industrial internet of things where the impact of IoT will be felt the most. The market for IIoT in factories alone is expected to be worth up to $3.7 trillion per year by 2025. The ultimate aim of IIoT, or smart manufacturing, is to create robust ecosystems where thousands of individual remote smart devices work together securely.

One of the top challenges of IIoT is keeping valuable business data secure. Cyberattacks against IIoT systems and critical network infrastructure have severe consequences, putting world governments on high alert.

The U.S. Department of Homeland Security recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.” The document is the first attempt to provide clear cybersecurity guidance to organizations implementing IIoT.

The Department of Homeland Security asks organizations to consider the risks following a possible breach or device failure, compared to the costs of limiting internet connectivity. For instance, continuous network access may be convenient, but is it strictly necessary in the context of what the device does? A nuclear reactor having a continuous connection to the internet carries too great a risk because it also opens the door to a network intrusion.

Defense-in-depth strategies

IIoT organizations are advised to adopt a defense-in-depth approach to help them stay ahead of privacy and security risks.

First, understand exactly what the device does. Without a full appreciation of the function and scope of each individual device, organizations run the risk of activating direct connections to the Internet when they are not strictly needed.

Next, make a conscious decision about every IIoT connection. Connect to a local network to allow the content of critical information to be analyzed before it is sent. Industrial control systems are complex and it is essential to protect them using defense-in-depth principles.

Lastly, build in remote management capabilities. Manufacturers, critical network infrastructures and service providers must be able to disable network connections or specific ports remotely when needed.

Protecting IIoT systems

IIoT promises to bring invaluable benefits to industrial enterprises in terms of process efficiencies, automation, scalability and cost savings. However, despite their vital contribution, IIoT systems are often not managed properly and security remains a major risk. Cybercriminals actually regard IIoT systems as the most vulnerable point in an organization’s network.

Full protection of remote connections on IIoT systems is best achieved with virtual private network (VPN) software. VPNs form a secure connection at the remote IIoT gateway, integrating seamlessly with existing infrastructure and encrypting all data traffic passing to and from individual devices.

NCP engineering recommends IIoT organizations give careful consideration to on-demand/always-on access along with command line or API control. Additionally, authentications in the form of software/hardware network certification and central management for remotely configuring devices should be enforced.

In summary, enterprises must take adequate precautions to manage and protect data related to IIoT or machine-to-machine security. By securing every necessary remote connection with VPN management, it will be possible for enterprises to stay ahead of future cybersecurity threats.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

Join the conversation


Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

gamification is the right way to work, to learn, ... to live?
This is the most absurd appeasement appeal I've seen in years, outside of the idiots in Washington. No common sense left in management is proven by this "initiative."
Build or buy?
We encourge online promoters to sell more using Gamification concept.
We're building games.
Amazing - what happen to the fundamentals.
Our customers are asking us to help with one common thread...
I cannot manage or secure what I do not know exists!
So we have a way to find EVERY IoT on a customers network in days.

Securely managing any device that is connected to your network is a must today but often organisation have a large % of devices that never connect. Rather than managing these devices over VPN manage them securely over the internet using Tachyon a new Systems Management tool.