Understanding the Industrial IoT and Its Cybersecurity Implications

Listen to this podcast on iTunes, Soundcloud or wherever you find your favorite audio content.

In this edition of our ongoing Security for Industries series, we’re focusing our lens on the industrial Internet of Things (IIoT) and its growing cybersecurity impact across the automotive and electronics industries.

Bringing their expert insights to the table are Lisa Fisher, MEA lead for the IBM Institute for Business Value (IBV) Performance Data and Benchmarking Program, Ben Stanley, IBM IBV global automotive research lead, and Cristene Gonzalez-Wertz, electronics and environment, energy and utilities research director for IBM IBV.

The State of the Industrial IoT

While implementing IIoT devices can help improve efficiency and boost worker safety, it also comes with potential cybersecurity challenges. Yet when Fisher went looking for specific security data, she found it conspicuously absent.

That’s why IBM IBV commissioned a pair of benchmark performance surveys across 700 companies and 18 countries to uncover key trends in the electronics and automotive industries. The data shows that just over 10 percent of all businesses surveyed were ahead of the crowd in terms of their ability to generalize IoT security best practices and develop actionable cybersecurity strategies.

Quick to Implement, Slow to Secure

Eighty-seven percent of automotive manufacturers surveyed are quick to implement IIoT, but slow to secure these devices. According to Stanley, this often stems from a priority problem: Companies know they must implement IIoT to keep up, but they generally don’t account for the long-term needs of connected device security. As a result, only 10 percent of automotive organizations have an IIoT plan in place that includes a detailed road map and executive accountability.

With consumer data now moving from vehicles into factories and companies relying more on automation, the potential risks associated with an IIoT breach are significant: Stanley points to everything from data exposure to employee harm, in addition to concerns about environmental implications and the potential for automated device takeover.

Gonzalez-Wertz adds that, meanwhile, security flaws and challenges in electronics are “now flipping into actual hardware” as attackers leverage cheap electronics with weak security to carry out distributed denial-of-service (DDoS) attacks.

Because adoption is both IT and OT-driven, companies are struggling to determine who’s in charge of security. Gonzalez-Wertz recommends adopting artificial intelligence (AI)-driven security tools, bolstering device privacy controls and focusing on employee education.

How Can Companies Improve IIoT Security?

While there’s now greater industry awareness of IIoT concerns, according to Stanley, companies need a vision — one that includes clear adoption, implementation and chain-of-responsibility protocols — to improve overall cybersecurity. He recommends conducting a yearly benchmarking review to see how organizations are doing and discover new avenues for secure IIoT integration.

Want more IIoT data after listening to the podcast? Dig deeper with IBM’s new reports, “Automotive Industrial Internet of Things: Quick to Implement, Slow to Secure” and “Industrial Internet of Things Cybersecurity: As Strong as Its Weakest Link.”

If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on iTunes or wherever you listen.

Security Intelligence Staff

Security Intelligence Staff

Security Intelligence strives to be the leading site for technical and business-focused security content. Security is...