While the digitalization of industrial infrastructure is ongoing, over 55% of organizations believe that the Internet of Things (IoT) will transform the cybersecurity posture in Industrial Control Systems (ICS). A research from Kaspersky revealed that 20% of organizations have already prioritized IoT-related security incidents. Cyberattacks on the Industrial Internet of Things (IIoT) has become a primary security concern for 1 in 5 organizations.
Addressing these issues require highly skilled security professionals than regular IT teams. It became a challenge for most organizations as 44% of security personnel in 50% of the enterprises surveyed are working on initiatives to protect digitalized OT systems. While 19% of enterprises implemented traffic monitoring services, 14% have introduced network anomaly detection as these solutions allow security teams to track anomalies or unauthorized activities in IoT systems.
Kaspersky also recommended certain steps to ensure their IIoT systems are used effectively and securely:
- Consider protection at the very beginning of IIoT implementation by using dedicated security solutions.
- Assess the status of a device’s security before its implementation. Preferences should be given to devices that have cybersecurity certificates and products from those manufacturers that pay more attention to information security.
- Conduct regular security audits and provide the security team responsible for protecting IoT systems with up-to-date threat intelligence.
- Establish procedures for obtaining information on relevant vulnerabilities in software and applications, and available updates to ensure proper and timely responses to any incidents.
- Implement cybersecurity solutions designed to analyze network traffic and detect anomalies and prevent IoT network attacks, then integrate the analysis into the enterprise network security system.
Grigory Sizov, Head of Kaspersky business unit said, “While industrial enterprises will only increase the implementation of connected devices and smart systems, they should strive for the same efficiency level when it comes to protection. To achieve this, protection should be built-in when a project is initiated, and for some companies, it should be done today. IIoT components must be secure at their core to eliminate the possibility of an attack on them. Along with traffic protection and other technologies, this makes the entire system secure by design and this means it becomes immune to cyber-risks.”