Not-so Doom & Gloom: Best Practices to Build a Pragmatic Security Strategy for IIoT
by Exosite, on June 27, 2017
Technology has always been a step ahead of the culture that develops it. Cars existed long before roads, safety standards, and laws governing driving came into being. Similarly, IoT security continues to make technological improvements in leaps and bounds, while the culture critical to successful (and secure) usage lags behind.
At the same time, IoT has spread beyond relatively benign consumer products and into large industrials. The insight, conveniences, and power of the industrial Internet has drawn in thousands of mission-critical assets and systems. With the increased power comes the increased risk associated with Internet-connecting multi-million dollar equipment capable of causing harm to personnel and other systems. IoT companies now have to consider security as synonymous with safety when dealing with industrial equipment where device-state changes can have devastating impacts to systems and people.
As industrial applications continue to see high rates of IoT adoption, the human element will play an increasingly important role in security alongside technology. The management of users, permissions, relationships, data breaches, and insider adversaries present a special and unique risk to systems even when they implement the most secure device-level communication.
In reality, any system can and will be compromised. As bleak as this may sound, this understanding can help organizations develop an approach to IoT security that seeks to protect against, deter, detect, contain, and minimize the impact of hacking attempts.
A modern, pragmatic approach to IoT security must involve strategies that pull from both technology and culture equally to be effective. Our latest white paper discusses how:
- Comprehensive security strategy first begins with an in-depth understanding of the technology concepts that are key to IoT security.
- Proven technology approaches can be used together to provide defense in depth.
- Identifying the core cultural values that must be in place to support technology components provide a path to develop a well-rounded, effective approach to IoT security.