A new report highlights the need for a wide scale cultural change in order for the Industrial Internet of Things (IIoT) to be safe. As more and more organisations globally are becoming connected, there is a demand for bandwidth and the need for personnel skilled in best security practices related to the design, build and operation of IoT systems.
IIoT focuses specifically on the industrial application of connected physical devices within critical infrastructures such as electricity, manufacturing, oil and gas, transportation and healthcare and its installation is forecast to triple by 23.14 billion devices this year, to 75.44 billion in 2025.
More than half of the 200 respondents surveyed said that the most vulnerable aspects of their IoT infrastructure is data, firmware, embedded systems or general endpoints.The report suggests that companies should invest in their personnel, growing their knowledge and skills to effectively manage risk throughout all phases of the IIoT system life cycle (design, build, operate, maintain).
These investments and improvements, combined with vigilance and partner collaboration that extends into a company’s supply chain, can also have a material effect on reducing risks often introduced during the procurement, factory-acceptance, installation and site-acceptance processes, as well as service/maintenance activities.
Investing in the staff skills building had already been recognised as important; however, ongoing personnel readiness will become a critical factor as threats evolve. Moreover, organisations will need a roadmap that can guide stakeholders in blending together formal definitions, data standards, common protocols, connectivity requirements and best practices to achieve the interoperability needed to have IIoT systems that work together securely.
Another crucial issue for manufacturers is to strengthen their life-cycle management procedures, especially for asset inventory and management, configuration management, and change management to address the complexities of IIoT. Respondents cited the failure to incorporate good security practices in the IIoT life-cycle models for systems as among the top threats for the next two years.