IIoT Security: Obscurity is no longer an Option

Posted by & filed under .

I was inspired by the article by our own Ken Briodagh about Altair and Jig Saw recent efforts to add security to IIoT systems using LTE NB-IOT/CAT – M solutions.  These standard chipsets reduce the risk of DDOS attacks IMHO because of the throughput.  The Industrial IoT market is changing with PLCs and peripheral sensors being employed to gather more data.  The added connectivity directly to PLC’s can be an Achilles heel. It makes an industrial control vulnerable that has been in a closed system for ages.  I will venture a guess that because these systems were single function, many of these systems have never been given a security update.

However, the change has been coming.  The Industrial Internet Consortium [IIC] has built a frameworkfor adding security into the mix and Steve Hanna will be speaking to this in the general session at IoT Evolution.  In addition our goal is to discuss the issues with adding all this information and when to act upon it.

Mike Krell of James Brehm & Associates(where I also work) and I have a continual discussion about the security strategy.  Mike points out the significant risks of certain control systems such as Energy management.  Ken Briodagh shares his view in some ways who points out that systems still have antiquated login strategies.

While I agree that these systems are vulnerable this often means feet on the street repair.  I therefore look at the network security solutions to prioritize.

As Richard Soley of the IIC has pointed out there are two types of companies those that have been hacked and those that don’t know it.

Obscurity is no longer an answer.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *