Industrial IoT, Industry 4.0 or Factory 4.0. Whatever you call it, the proliferation of intelligent sensors, smart robots and increasing use of innovative networking technologies (LPWAN, WPAN), combined with complex edge processing, promises to enable high stake industries and enterprises to drive better operational performance, cut costs and improve reliability. These industries are diverse, from manufacturing, oil and gas, and energy grids, through to automotive, defence and robotics, mining and shipping.
With faster connection innovation, it is getting easier and cheaper to move data from sensors to the cloud. Big-data analytics through machine-learning are expanding to offer incredible insights.
According to Accenture, by 2030, the Industrial Internet of Things could be worth $7.1 trillion to the United States, $1.8 trillion to China, $700 billion to Germany and $531 billion to the United Kingdom.
And how are they going to get there? By:
- Understanding machine health and driving predictive and preventative maintenance, thereby maximising asset utilisation;
- Improving inventory tracking and producing more accurate forecasts;
- Increasing asset productivity – think Tesla’s Gigafactory, with $100 billion in output and 3,000+ workers helping to fuel the battery revolution; and
- Helping to create new industries and support high-tech systems – medical robot designers, grid modernisation managers, intermodal transportation network engineers, and more.
So, it is no surprise to see businesses wanting to make the best use of emerging technologies such as smart connected devices, AI and blockchain.
This is, however, challenging the status quo within traditional industrial environments. The once air-gapped areas are becoming increasingly interconnected. Previous protection methods of securing such environments by implementing access control measures alone are not enough.
While Information Technology (IT) and Operational Technology (OT) networks are becoming streamlined, the next challenge is to integrate IoT networks. Additionally, for many businesses, perceptions about operational priorities have seen increased divergence between IT and OT staff.
OT teams, focussed on supply chain efficiencies and factory automation, want to ensure a Return on Investment (ROI) is generated as quickly as possible, for every penny spent impacts their short-term revenue margins. Their expectation is often that security is already embedded into the solution, like other attributes such as scalability and reliability. Having to coordinate additional security overhead with IT and third parties, often with differing sets of SLAs, appears as an inhibitor to speed of deployment.
Even when you manage to get both camps together, the challenge to keep the highly dynamic environment “securely” connected doesn’t end there. Putting in place an integrated cyber security governance framework that is transparent, effective and buys the commitment of leadership can be an arduous task. A framework such as this would need to guide the IT and OT teams by helping them overlay their network and services topology with security best practices.
- Misconfigured network environments, such as outdated firewall rules;
- Inadequate network segregation with weak authorised access;
- Deployment of systems without hardening and repurposed specifically for factory environments;
- Inconsistent patching standards across the estate; and
- Out of date and non-secure systems base in the absence of a decommissioning programme replacing aging/non-secure equipment through active asset life cycle management.
The good news is that to support with this, there is help available to organisations so that they can properly address the cyber security requirements.
In response to the growing need to consistently and effectively address cyber security, the International Electrotechnical Commission (IEC) released their new IEC 62443 standard Security framework and the Industrial Internet consortium have published their framework. There is also various referenceable guidance from the Department for Digital, Culture, Media and Sport (DCMS), Networks and Information Systems (NIS) Directive and the recently introduced General Data Protection Regulation (GDPR).
In summary, businesses and enterprises wishing to embrace the IIOT and looking to implement robust, scalable and secure solutions should:
- Apply secure design principles when architecting their smart environment;
- Adopt security-assessed hardware proven to bolster security;
- Identify and use established standards and regulatory guidance to stay compliant;
- Find the right partners to understand how technology and processes can be appropriately used to embed security, safety and data privacy; and
- Leverage the power of cloud platforms and take advantage of their expanding capabilities.
We are at a unique inflection point where the ingestion, analysis and visualisation of data can fundamentally redefine organisational decision making and cut environmental waste. By adopting a measured, purposeful and responsible approach, businesses can help an autonomous economy to flourish, where supply exactly meets demand and IIOT’s real benefits are achieved.
We’d like to know your views on IoT Security
If you like what you’ve read above, we ask that you complete our short survey (link below) – your insights are valuable!
The results of this survey will be reviewed by our experienced consultants, who will produce a report expanding on the findings. This report will be shared with you, free of charge. In addition, we offer a free 30-minute engagement with our team, should you want to have a further conversation on the topic or simply want to know more about our service – we’d love to hear from you.