In December 2017, cyberattackers used TRITON/TRISIS malware to target safety instrumented system (SIS) controllers at a critical infrastructure organization. The malware was designed specifically to interact with the controllers, potentially to damage equipment and shut down operations, according to the New Jersey Cybersecurity & Communications Integration Cell. That attack underscored the risk of implementing industrial Internet of Things (IIoT) technologies. As their numbers grow, so does the potential for data exposure, production disruptions, reputational damage, intellectual property theft, and even injury and loss of life.

Current Industrial IoT Deployments Lack Key Security Considerations

Electronics manufacturing plants have become increasingly instrumented and connected, transforming into cyber-physical systems with the IIoT as a core cognitive component. IIoT devices and sensors embedded in physical assets churn out masses of data, providing insight into operations and highlighting opportunities to improve efficiencies. But between now and 2020, as reported by The Verge, IoT device manufacturers have no legal requirement to equip products with security features.

Connecting previously closed systems to the internet exposes new attack surfaces and security targets. Adding intelligent and automated manufacturing equipment and processes increases the number of access points for threat actors, competitors, nation states and even disgruntled employees. Although many risks can be addressed or mitigated, too many electronics companies deploy IIoT technologies without fully evaluating or protecting against the risks, and without preparing a fast and effective response to a breach.

Security Capabilities Must Keep Pace With IoT Solutions

To better understand IIoT security risks and implications in operational environments, the IBM Institute for Business Value (IBV) partnered with Oxford Economics to survey 700 energy and industrial executives in 18 countries. The report on the 269 electronics firms that participated, titled “Electronics Industrial IoT Cybersecurity: As Strong as Its Weakest Link,” benchmarks the level of IIoT technology adoption and explores associated cybersecurity risks.

The most common applications deployed by electronics firms are real-time equipment monitoring (65 percent) and predictive maintenance (58 percent), followed by asset/equipment monitoring and automation of machines and workflows. But across sectors, firms are implementing IIoT solutions faster than they’re securing them. Why? In many cases, they’re not confident in the combination of cybersecurity capabilities — the skills, controls, practices and protective technologies — needed to secure their businesses.

Follow the Leaders to Protect Environments and Detect Breaches

The IBV study found that 36 electronics companies are among the leaders in securing IIoT environments. These firms are in the top quartile of performance on three measures:

  1. Percentage of known IIoT vulnerabilities addressed by security controls.
  2. Cycle time to discover/detect IIoT cybersecurity incidents.
  3. Cycle time to respond to and recover from IIoT cybersecurity incidents.

These leaders have a better grasp of the security requirements of IIoT deployments and connected industrial control systems (ICSs) than the average enterprise. They also stand out in their use of the following nine security practices to protect data, safeguard devices, and augment threat detection and response with automation and cognitive intelligence:

  1. Apply user privacy controls to IIoT devices.
  2. Use authentication to verify users on IIoT devices.
  3. Define clear service-level agreements (SLAs) for security and privacy.
  4. Inventory all authorized and unauthorized software.
  5. Use devices with built-in diagnostics.
  6. Automate scanning of connected devices.
  7. Secure device hardware and firmware.
  8. Use advanced behavioral analytics for breach detection and response.
  9. Use artificial intelligence (AI) technology to enable real-time monitoring and response.

A Custom Approach to Securing Industrial IoT Ecosystems

In terms of vulnerabilities, threats and incidents, there are notable differences among electronics industry sectors. For example, 37 percent of appliance manufacturers listed applications built on cloud solutions and IoT platforms as their greatest IIoT vulnerability, but these weren’t in the top three for any other sector. Appliance manufacturers also ranked unauthorized access or abuse of access credentials as the greatest IIoT-related threat and internal theft/fraud as the most common IIoT cybersecurity incident.

Regardless of sector, securing an IIoT ecosystem starts with a clear strategy that balances prevention and detection. Next, integrate security technologies into operational processes and apply intelligent and automated capabilities to deal with advancing and unknown threats. Finally, enterprises should have an incident response and communications plan in place so they can recover from a breach as quickly as possible and minimize damage to critical assets.
