Securing the Industrial Internet of Things
Greater connectivity means more knowledge, which means increased opportunities, and all of it revolves around security, according to John Herold, vice president of global industrial marketing at Belden.
"Security is one of the key points when we talk to industrial companies," Herold said during his presentation at the IEI Design Seminar in Schaumburg, Ill. "We have found security is a key entry point. It has to be thought of."
Herold made it clear greater connectivity is coming, and right now the buzz phrase is the Industrial Internet of Things (IIoT). With that increase in connectivity, the attack surface for the industrial sector skyrockets. That means security needs to have a stronger presence in the industry than it currently has.
While the talk around the industry centers around the IIoT, few have moved forward with thoughts and ideas on what users could do to reap the benefits from this movement toward greater connectivity. With the impact from the Internet of Things (IoT) expected to reach $11.1 trillion by 2025, Herold outlined five steps on how users could benefit:
These five steps are:
- Proper design
While he did talk about the five steps, keep in mind they all revolve around ensuring they remain secure. When it comes to the assess stage, users must know what they have, where it is, what it does, and who owns and manages it. In the mitigate/update stage, users should make Ethernet their foundation. "You need to consider security risks with each new connection to the system," Herold said.
In creating the right design, end users need to focus on the network and create a zones and conduit segmentation model. They must also understand the security risks and be able to benchmark the network against industry best practices. In the growth step, users can get caught in a cycle. Yes, they are growing, and that is a good thing, however, that also means they are more vulnerable. "There are internal risks, but also external risks," he said. At this point, part of the protection model calls for overlapping security.
"Overlapping security layers simply reduce risk," Herold said. "Learn which areas need to be protected. You will never be able to totally protect everything in your network, it would be way too expensive."
The fifth stage focuses on monitoring the network. "Technology changes, which means the network will change," he said. That means users need to make a plan which calls for regular maintenance, constantly monitoring the network, system failure alerts, and established response protocols.
"IIoT is real; it is not going away," Herold said. To take advantage, IIoT users "Need a sound infrastructure. We should be using real-time data; that is the key."
Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information website covering safety and security issues in the manufacturing automation sector. This content originally appeared on ISSSource.com. Edited by Chris Vavra, production editor, CFE Media, firstname.lastname@example.org.