How Collaboration of IT And OT Can Strenghten Corporate IoT Security
Edited by Ingo Becker
Securing the Internet of Things (IoT) progress in a company requires strategy and structure. Besides IoT brings a bunch of opportunities for the global industries, an overall challenge lies in how organisations secure connected devices, networks and the data they handle and how their employees are enabled and prepared for relevant implementation. Here’s an overview to focus on relevant areas for IoT security.
Today there are more than five billion connected devices worldwide, up to more than 20 billion anticipated by 2020, due to Gartner analysts. the potential threat looms large. On the one hand the growth of connected creates immense added value, apparently and presumably. That means as well that the fast-paced and broad adoption of sensors and IoT devices in a connected manufacturing, utility, finance and telecommunications world brings global industry sectors – within different stages of threats – global industries infrastructure into exceedingly attackable situations.
An obvious vulnerability is represented by the equipments’ main feature list: A large number of IoT endpoint manufacturers (still) provide or no integrated security for their products. Controllers that operate in nearly every industrial environment lack basic security protections like authentication and encryption. Hackers just need access to the controllers to change configuration, logic and state.
4 Main Principles For IoT Security
IoT security can be optimized with a disciplined process that involves equipment selection, regular maintenance and cross-functional collaboration. In the case that information technology (IT) and operational technology (OT) of an organization work or influenced by IoT, employees of both departments need to synchronize appropriate strategies and implementation.
Key steps to secure the IoT are:
- Operating hardware and software only with adequate security enhancement.
- Changing used usernames and passwords on corporate devices frequently.
- Ensuring regular/ immediate update and patches of applied operating systems of IoT devices.
- Implementing data encryption, network authentication and secure private networks.
Companies can be guides by counsel with ability to plan and/or roll-out sufficient secure IoT.
IT and OT Need For Digital Expertise
Both IT and OT need digital expertise. Advanced knowledge about industrial networking and application protocols enable IT specialists to enrich their personal skillsets. Comprehensive IoT security knowledge and the ability to make a decision about the appropriate choice for their organization will characterize IT professionals of the digital era. OT staff need to transfer their setting to a reduced IP-connected stage – data goes in and out at one primary point.
As well as it is immanent for IT and OT to collaborate, it is also important to instruct and train their existing skill sets. Creating, securing and supporting IoT implementations require new skill sets as well as a strategy to refresh those skills continuously. Training staff members to address IoT is essential for successful digital transformation. OT experts presumably move to a flattened IP-connected situation, in which information flows through a single, physical location.
Future Skills: Endpoint Protection – Training – Certification
As IoT with connected devices, sensors, and apps extends in general, the demand for specialists in enterprise security and engineering will increase. Individuals and organizations can prepare for this exponential demand by first becoming aware of their own capabilities in IoT and security. Learning basic principles of IoT endpoint protection is critical to successful digital transformation. Especially certifications ensure a structure of quality regarding state and potential for the development of an organization in terms of successful digital transformation and its future business growth.