How to Overcome Today’s Industrial IoT Security Challenges
In a recent CSPi blog article, we discussed the popularity of the Internet of Things (IoT) while highlighting the fact that the explosion of IoT devices adds up to real security risks for companies in a variety of commercial industries, such as industrial and healthcare. Unsecured IoT devices are a real concern given that recent Gartner research estimates that by the year 2020, more than 25% of cyberattacks will involve IoT devices. Even more alarming is that there are currently 20 billion unsecured devices in play, with no sign of a slowdown.
In this article, we’ll take a much closer look at the Industrial Internet of Things (IIoT) and describe how these specific devices present security risks to industrial organizations, especially those that use industrial controls or building automation technology to manage critical infrastructure.
CSPi video: To learn more about IIoT security, watch our new video, “Surgical Threat Containment for Industrial IoT,” now.
Whitepaper download: Or if you’d like to get all of this information, all in one place, please download the CSPi-Seceon white paper, “Advances in IoT Cyber Protection,” now!
Industrial IoT delivers powerful benefits …
The popularity of IIoT devices continues to grow. According to research from the 2017 Industrial Communications report, there were approximately 90 million IIoT devices in place in 2016. That number is expected to grow to more than 150 million devices by 2021.
IIoT combines machine-to-machine communication, advanced data analytics, machine learning, and human insights using a network of connected devices, delivering valuable information for smarter business decision making. In this way, IIoT is capable of driving unprecedented levels of productivity, efficiency, and performance that enable industrial companies to improve financial and operational benefits.
… but also very real IIoT security concerns
As compelling as these benefits are, IIoT devices also present many significant IoT-based problems because they are largely unsecured. For example, consider these industrial IoT challenges:
- The sheer volume of known IIoT devices that now exist within industrial facilities. This creates a huge potential attack surface for cyberattackers to target.
- The fact that unknown and undetectable IoT devices, like wearables, can enter an environment.
- The overall age of legacy systems and components within a critical infrastructure that can no longer accept software patches or apply other cyber security tools.
- The fact that many infrastructure systems are made up of assorted hardware and software products that present additional security challenges due to their unique configurations.
- Users’ increased demands for consistent, uninterrupted operation of these legacy systems. This is especially true for infrastructures, such as power grids, pipelines, or water systems, where downtime can be catastrophic.
In summary, industrial environments using IIoT devices present very real security risks that must be addressed.
Why is IIoT security so challenging?
Clearly, industrial environments using the increasing number of IoT devices must consider their overall security risks, as well as the unique IoT-based challenges in order to do all they can to secure their environments. Yet this is extremely challenging, for a number of reasons.
First, consider that most network endpoints are deployed with endpoint detection and response (EDR) software applications. EDR solutions can be extremely effective at protecting most endpoints from virus infection and detecting additional threats or unknown issues.
Yet unlike other endpoints, many IoT devices can’t support add-on security applications since they tend to be “closed” devices that can’t be altered. Even if they could, they are usually limited in terms of processing power and memory, since they’ve been optimized for cost performance and battery life—clearly a conflict with power- and memory-intensive EDR applications.
All of this adds up to two real industrial IoT security challenges. First, how can IT or security teams accurately and efficiently identify, monitor, and manage all of these devices in order to make the right decisions about which other applications, systems, and devices they are allowed to communicate with? Second, how can they make sure that, if the devices are breached, attackers do no harm to the rest of the organization?
Overcome IIoT Security Concerns without an EDR
CSPi and Seceon have partnered to develop a joint solution to overcome these security vulnerabilities presented by IoT devices. By combining CSPi’s ARIA SDS Packet Intelligence solution with Seceon’s industry-leading aiSIEM solution, this joint solution now provides incredibly powerful Industrial IoT security.
For example, the ARIA SDS solution deploys transparently in the network and allows all IoT devices to be detected and monitored by looking through the network data as it flows through each device. ARIA SDS classifies this data on the fly without impacting its delivery, which allows the various IoT devices to be monitored at network aggregation points that are usually one step back in the wireline network.
On the Seceon side, its aiSIEM is one of the industry’s leading solutions for detecting and stopping threats. It takes the data fed by a variety of devices and applications, as well as NetFlow data, and runs it all through extensive threat models to detect threats of all kinds. Then, aiSIEM directs ARIA SDS through a simple API integration to stop identified threat conversations without disrupting or taking critical applications offline.
IIoT Security Whitepaper Download
To learn more about overall IoT-based problems and security issues, including challenges posed by IIoT and IoMT devices, please download our new white paper, “Advances in IoT Cybersecurity,” now.
And stay tuned for our next article, where we take a closer look at IoMT security issues—and how to overcome them!
CSPi is a leading cybersecurity firm that has been solving security challenges since 1968. Our security solutions take a radically different approach to enterprise-wide data security by focusing on the data at its source, securing DevOps applications and leveraging network traffic for actionable insights. CSPi’s ARIA SDS platform uses a simple automated approach to protect any organization’s critical data, including PII/PHI, on-premise and in public clouds, whether it is in use, in transit, or at rest. Our Myricom® nVoy Series appliances provide compliance assurance, automated breach verification and network monitoring enabled by the 10G dropless packet capture capabilities of our Myricom® ARC intelligent adapters.