Forecasters predict that the Internet of Things (IoT) will increase the number of machines, appliances and devices connected to the Internet from the current five billion to 80 billion by 2020. Greater connectivity means more knowledge, which means increased opportunities – and it all revolves around security.
“Security is one of the key points when we talk to industrial companies,” said John Herold, Belden’s vice president of global industrial marketing during his presentation last month at the Industrial Ethernet Infrastructure Design Seminar. “We have found security is a key entry point. It has to be thought of.”
During his talk, John made it clear greater connectivity is coming and right now the buzz phrase is the Industrial Internet of Things (IIoT). With that increase in connectivity, the attack surface for the industrial sector skyrockets. Thaat means security needs to have a stronger presence in the industry than it currently has.With the financial impact from IoT expected to reach $11.1 trillion by 2025, what steps should you take today to make sure your industrial network is poised to benefit from the IoT’s brother, the IIoT?
IIoT applications that enable worker mobility or secure remote access will contribute to competitive advantage. Follow the 5 steps described below to make sure your industrial network is ready.
Here are the five steps John recommended to take now to ensure your industrial network is ready to benefit from IIoT-based manufacturing and process control applications. Keep in mind that all of these steps revolve around making sure your communications infrastructure is secure.
1. Assess and Map Industrial Networking Infrastructure
When it comes to the assess stage, make sure you know what you have, where it is, what it does and who owns and manages it. If you have a large system, you will save time and effort doing this by using Network Management Software (NMS) such as Industrial HiVision.
2. Migrate / Update to Ethernet
Make Ethernet the foundation of your communications infrastructure and upgrade bandwidth, memory, switches and routers to support it. For existing components such as sensors, actuators and electric motors that communicate using fieldbus, plan their migration to Ethernet.
3. Update Network Design for Scalability and SecurityA well organized and segmented network is essential for scalability and security. ISA IEC 62443 (formerly ISA 99) best practices explain how to divide up a network into zones of devices with similar cybersecurity requirements and protect them with appropriate conduits (such as the Tofino Security Firewall).
4. Protect Reliability and Resiliency with Defense in Depth
Cybersecurity isn’t just about attackers from motivated hackers. The majority of industrial cybersecurity incidents are unintentional, resulting from human error, device flaws and accidental malware introductions. Good network segmentation with security conduits contributes to Defense in Depth, as do many other measures. Today and tomorrow, Defense in Depth practices are essential for high system reliability and resilience.
“Overlapping security layers simply reduces risk,” noted John in his presentation. “Learn which areas need to be protected. You will never be able to totally protect everything in your network, it would be way too expensive. But you must prioritize the security of the most mission-critical components.”
5. Monitor for Changes, Anomalies and Malware
“Technology changes, which means the network will change. That means you need to make a plan which calls for regular maintenance, constant network monitoring and system failure alerts. In addition, incident response protocols need to be established.”
The benefits of the IIoT are going to be new value chains, the mass customization of products, and reductions in energy and other costs.
What about the challenges? While you are thinking of what needs to be done to make your industrial network “IIoT-ready” it is helpful to also think about what the challenges will be. Our colleagues at Tripwire asked a number of industrial cybersecurity experts about these challenges and what should be done about them.
Don’t miss their article “5 Key Challenges for the Industrial Internet of Things (IIoT).”
John Herold concluded his article with “IIoT is real, it is not going away. To take advantage of it, manufacturers and process control operators need a sound infrastructure. We should be using real-time data; that is the key.”
Are you updating your communications infrastructure because of the IIoT? What challenges are you facing? I look forward to hearing from you.This article is adapted with permission from an article written by Greg Hale of ISSSource.com. Follow Greg @isssource.com.
Belden / Tripwire Products for ICS Security