Industry Needs to Collaborate to Improve Cybersecurity Culture
Reap the benefits of Industrial IoT by paying closer attention to cybersecurity and IT and OT functions.
Join the DZone community and get the full member experience.Join For Free
The Industrial Internet of Things (IIoT) and other emerging trends, such as digitization, deliver true business benefits, but reaping the most value from these initiatives requires manufacturers to unify their operations and business processes in some way. One common way of doing that is by bringing the IT functions that have historically controlled the business closer together with the operational technology (OT) functions that control the manufacturing process. More intelligent, connected devices empower better visibility and control of more than just the real-time efficiency of operations. Plant managers can begin to control other critical business variables in real time, including safety, reliability, and operational profitability. This is the culmination of closing the OT-IT divide.
But connecting the business layer with the operations layer increases the entry points for potential hackers. And when you consider that many of the systems that control our most critical and volatile manufacturing operations were installed decades ago, long before cybersecurity was a consideration and business threat, we realize we are never safe from an intrusion.
IIoT and Cybersecurity Threats
The potential business benefits of enabling connectivity across and between IT and OT systems are critical. Closing the IT-OT divide means companies will better understand and control not just their manufacturing operations in real time but their business performance, too. Yet, all too often, companies are not considering security when they embark on their digitization and connectivity journey.
Connecting industrial components to one another and to outside networks (IIoT) increases what cybersecurity experts call “the attack surface.” This is particularly troubling in critical industries, such as power generation and petrochemical refining, where the consequences of an incident can be wide-reaching, severe and even deadly.
This problem is in large part because the automation, safety, and control systems installed in these companies often pre-date the digital world we now live and work in. They were not built to sustain or withstand the type of cyber attacks we now face, and for the most part, they are not inherently cyber-secure.
Shifts in Culture
Attackers can target almost any connected device, sensor, or system to gain ingress and cause havoc across aging industrial and manufacturing systems. That is why it is absolutely vital for the industry to improve its cybersecurity culture, especially because the risks associated with critical infrastructure systems being taken down are so high.
Successfully developing a stronger culture of cybersecurity requires some fundamental actions. First, because they are your best and often the first line of defense, your people must be properly educated and trained. After that, businesses have to understand and apply best practices, as well as adhere to the most current industry standards and follow vendor-provided guidelines, recommendations, and practices when it comes to securing their systems. Third, and perhaps most critically, we all must learn to collaborate openly to share knowledge and experience across competitive lines.
All parties, including suppliers, end users, standards bodies, and government agencies, must work together to develop and maintain stronger unifying standards and best practices when it comes to technology.
Cybersecurity is ubiquitous, and we all have a responsibility to drive change by establishing new levels of collaboration and openness. Cybersecurity isn’t limited to a single company, industry, or region. It’s an international threat to public safety, and it can only be addressed through cooperation that extends beyond borders and competitive interests, to protect the people, communities, and environments we serve for decades to come.
Opinions expressed by DZone contributors are their own.