New report warns of industrial IoT cybersecurity risks

industrial Iot

In 2018, the global industrial Internet of Things market generated $72.34 billion. And according to global market intelligence firm BIS Research, that growth is poised to continue over the next five years.  In a report released on January 24, BIS predicts the industrial IoT market is expected to grow at a CAGR of 8.41%  from 2019 to 2024.

“The Industrial IoT market is witnessing a high growth rate due to the constant effort of major organizations to produce connected business models,” BIS says. “Moreover, the demand for connectivity is further going to increase in the coming years owing to the launch of 5G services which can help in reducing the latency and increasing the throughput of data. Further, the growth of Industrial IoT market in Europe is currently the highest, due to the region’s strong inclination toward automotive and manufacturing sector, where the greatest number of Industrial IoT solutions are deployed.”

Industrial IoT  technology is helping to usher in a wave of digital transformation in the realm of smart building and smart manufacturing. It’s helping to improve efficiency, quality and safety, but according to a new white paper by the analyst firm ARC Advisory Group, industrial IoT is also putting operations at increased risk.

ARC believe cybersecurity risks are impeding digital transformation in industrial and critical infrastructure organizations. The increased connectivity of information technology, operational technology, cloud and third-party systems open operations up to cyber attacks. These attacks can result in costly downtime, safety and environmental incidents, and the theft of trade secrets.

This new landscape has put a new burden on security teams tasked with improving their organization’s defenses.

“New, unmanaged IoT devices and internet connections are being added to IT and OT systems without warning and without adequate security capabilities,” the report says. “Poor asset visibility and lack of security resources undermine their efforts to manage the surge in vulnerability alerts and security updates. Efforts to engage suppliers in security management create additional risks and leave them with little understanding of actual cyber exposure.”

In order to combat the risks associated with systems with mixed IT, OT, and unmanaged IoT devices, ARC recommends continuous IoT/ICS network security monitoring. This allows security teams to identify suspicious or unauthorized network traffic and unexpected device changes before it’s too late.

Continuous monitoring can help security teams detect and identify unknown devices, maintain accurate asset inventories, identify vulnerabilities, assess risks, and provide time for teams to implement defense mechanisms like patches. In addition to improved security, it can also lead to cost savings by giving organizations an up-to-date inventory of assets, which allows them to minimize spare parts for devices that are no longer being used.

ARC’s report specifically highlights the CyberX platform, which provides the capabilities needed to monitor, assess, and manage security in mixed IT, OT, and IoT environments. The continuous monitoring platform is agentless and can auto-discover assets with passive monitoring.

“While digital transformation projects offer significant benefits, they also increase the risks of a costly and/or dangerous cyber incident,” the report says. “Deploying unmanaged IoT devices will expand the attack surface and increased connectivity will facilitate attackers’ efforts to access critical systems. As defensive options are limited, security teams need to continuously monitor all devices and network traffic flowing within critical systems. Continuous IoT/ICS network security monitoring was designed for systems with mixed IT, OT, and unmanaged IoT devices. The technology’s value has been proven in a variety of complex environments. Security teams should consider how they can leverage this technology to address reducing the cyber risks associated with digital transformation.”

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related