By Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet
IIoT (Industrial Internet of Things) is all about connecting people, processes, and assets. Traditionally, devices in OT environments – machines, sensors, actuators, PLCs, etc. – have been isolated or connected directly to an ICS. IIoT gives these devices a link to the internet. By bringing these devices “to life”, users can interact with them in real time, draw data from them, and analyze that data via statistical or predictive analysis.
Benefits include improved operational efficiency, because IIoT devices can reduce troubleshooting time from days to minutes, and reduced maintenance costs via preventative maintenance using sensors that can detect when equipment will break down.
So what are the different ways that critical industries are using smart devices?
Oil and Gas
IIoT devices can be found across the oil and gas industry value chain – from upstream exploration and production to refining and downstream distribution. In the exploration and production phase (E&P), sensors and robots are used to find oil and gas reservoirs and new hydrocarbon deposits, determine new drilling spots, or find new ways to optimize well and field work. Furthermore, in difficult environments like offshore platforms, small IIoT networks can be used for rig or cargo ship monitoring, reducing the millions lost each year to non-productive time.
Manufacturing
Using the IIoT approach of Digital Twins, manufacturers can virtually replicate a product or process, enabling them to analyze the efficiency of a system, make predictions and forecasts, and help them create a better version of their products. In production lines, sensors, cameras, and data analytics can determine through predictive maintenance when a piece of machinery will fail and can help managers plan maintenance and service schedules before a problem occurs.
Power and Utilities
The power and utilities sector has tapped into and embraced the potential of smart stuff with concepts such as smart water and gas management. In a smart grid, smart meters can monitor electricity consumption and transmission in real time, which allows for more efficient, demand-based electricity generation and distribution. They can also alert electricity companies to power outages, allowing them to react at speed and restore services quickly. Finally, smart meters are a critical element of the decentralized power model, facilitating the growth of energy sources such as solar panels and wind turbines and furthering efficiencies in production and distribution.
With critical industries increasingly relying on “smart stuff” to monitor, track, and manage various assets and predict, prevent, and control a number of incidents, a vital question arises – are smart devices implicitly safe to use and trust?
Smart Doesn’t Imply Secure
In fact, with each new smart device introduced into the network, the risk increases because each device is a potential new entry point for attackers. What about the connectivity and security repercussions that 5G is likely to bring? New services will bring faster speeds, greater bandwidth, and support for a large number of endpoints.
Finally, with the introduction of Mobile Private Networks and Multi-Access Edge – also known as edge computing – the mobile network and the compute infrastructure can be placed very close to the devices. This concentration of network and compute infrastructure becomes a critical part of the production environment, and protecting it is paramount.
Making smart stuff secure – Best Practices
When securing any system that includes smart stuff, there are three important factors to consider:
The first is visibility – having a global view of the system and its components, understanding which devices are connected to the network, and whether they are operating normally. Knowing “what” is connected to the network is a basic cyber hygiene principle, as you can’t protect what you can’t see. For IoT and IIoT, there are additional challenges due to the sheer number of devices involved, not to mention the complication that running endpoint agents on devices is often not possible. What is required is a complete solution that involves network access control, device management, event management, and inventory management, plus detailed analysis.
The second factor is preventing the attack. IIoT devices often have limited connectivity needs, and segmentation should be used to restrict access. Application-aware firewalls can ensure that only authorized protocols and applications are allowed. Intrusion prevention can detect and block attempts to scan for vulnerabilities or security holes, and prevent any attempt to exploit those vulnerabilities. For the IIoT infrastructure and ecosystem, since most communication is via REST APIs, detecting and stopping any attempts to gain access or exploit these APIs must be a high priority.
The third factor is recognizing when a smart device has been compromised. Following a successful intrusion, there is a reconnaissance period where the attacker will try to gather as much information as possible about the environment, identify high-value assets, and determine how best to monetize the breach. This means that there is a short window of opportunity to detect the breach, identify the compromised devices, and remove them from the network, to contain and block the attack. Solutions such as anti-botnet, compromise detection, and user & entity behavior analysis, are designed to detect a cyber-attack as soon as it happens. Adding Security Orchestration, Automation, and Response technology can take this information and perform automated investigation and response to identify and isolate or remove compromised devices before any damage is done.
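The three factors above can be seen working together in a small triage script over network flow records. This is an added example, not code from the article or from any vendor product; the device addresses, the per-device allowlist, the flow records, and the fan-out threshold are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Hypothetical inventory and segmentation policy:
# device IP -> list of permitted (destination network, destination port).
POLICY = {
    "10.20.1.11": [("10.20.0.5/32", 443)],                         # sensor -> REST API gateway
    "10.20.1.12": [("10.20.0.5/32", 443), ("10.20.0.9/32", 502)],  # gateway -> API and Modbus/TCP
}

# Constructed flow records: (source, destination, destination port).
FLOWS = [
    ("10.20.1.11", "10.20.0.5", 443),
    ("10.20.1.12", "10.20.0.9", 502),
    ("10.20.1.12", "10.20.0.5", 443),
    ("10.20.1.11", "10.20.2.1", 22),    # sensor reaching hosts it never needs
    ("10.20.1.11", "10.20.2.2", 22),
    ("10.20.1.11", "10.20.2.3", 445),
    ("10.20.1.11", "10.20.2.4", 3389),
    ("10.20.1.99", "10.20.0.5", 443),   # source missing from the inventory
]

def allowed(policy, src, dst, port):
    """True if the flow matches one of the source device's permitted destinations."""
    return any(ip_address(dst) in ip_network(net) and port == p
               for net, p in policy.get(src, []))

def triage(flows, policy, fanout_threshold=3):
    """Split flows into unknown devices, policy violations, and isolation candidates."""
    unknown = set()
    violations = defaultdict(set)
    for src, dst, port in flows:
        if src not in policy:
            unknown.add(src)                    # visibility gap: device not inventoried
        elif not allowed(policy, src, dst, port):
            violations[src].add((dst, port))    # traffic segmentation should have blocked
    # A known device touching many distinct off-policy targets looks like reconnaissance.
    isolate = {s for s, v in violations.items() if len(v) >= fanout_threshold}
    return {"unknown": sorted(unknown),
            "violations": {s: sorted(v) for s, v in violations.items()},
            "isolate": sorted(isolate)}

if __name__ == "__main__":
    for key, value in triage(FLOWS, POLICY).items():
        print(key, value)
```

The `isolate` list is the input an automated response step would act on, for example by moving the device to a quarantine segment.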
Finally, all of the above security components should be part of a security fabric architecture that delivers actionable AI-driven threat intelligence and provides true integration and automation across the entire security infrastructure. With a consistent, real-time, and end-to-end security posture, visibility of the entire digital attack is ensured and recovery from attacks is swift. This ensures that your smart stuff is protected, and if it does become compromised, a security fabric architecture minimizes the impact and reduces the time required to bring your critical systems back into service.