A 2015 Accenture report estimated that the Industrial Internet of Things (IIoT) will add $14.2 trillion to the global economy by opening new opportunities. And Cisco estimates IIoT will save an additional $3.9 trillion via efficiency improvements and cost savings.
Obviously, the sooner an industry decides to expand its IIoT ecosystem, the quicker it can enjoy new revenue streams and cost efficiencies. However, jumping on the IIoT bandwagon too quickly and too extensively can lead to problems. In its report about the future of IoT, Gartner describes three red flags that also applies to IIoT:
- The IoT demands a wide range of new technologies and skills that many organizations have yet to master.
- A recurring theme in IoT is the immaturity of technologies and services and of the vendors providing them. Architecting for this immaturity and managing the risk it creates will be a key challenge for organizations exploiting the IoT.
- In many technology areas, lack of skills will also pose significant challenges.
One of those significant challenges is thwarting cyberattacks. According to a Kaspersky Lab report, 40% of industrial computers were hacked during the second half of 2016. The Internet was the source of 22% of industrial system infections – more than removable media, email clients, archives, network shares, backup copies and cloud storage combined.
When choosing network architecture, it’s imperative industry infrastructure and operations (I&O) authorities understand the threats their industries face. Here are four major security risks to consider when implementing IIoT within your ecosystem:
DoS/DDoS. DoS/DDoS performed against IIoT can result in blackouts, loss of revenue and loss of life. A DoS attack can be launched against an IIoT network to deny services performed by its devices. These attacks can also be instrumented from the IIoT network itself when the devices are infected with malware.
Replay attacks. IIoT devices are small with a specific task that they do repetitively. This makes IIoT susceptible to replay attacks and detection of anomalies that can be replayed to cause an event-affecting alarm.
Unauthorized access. The biggest security risk to your network and devices is people. IIoT involves multiple ecosystem partners that include people within your organization and external contractors. Access to the industrial control networks from the enterprise network or the enterprise VPN can easily lead to unauthorized access to the entire network – even when access to a specific service is all that is required.
Infiltration/exfiltration of data and malware. Employee devices have a high potential for malware infection through personal interactions with the Internet. These compromised devices come in and out of your enterprise and are connected to the IIoT network, increasing the risk that it will be compromised. Once that happens, hackers have the opportunity to exfiltrate valuable data from your business.
The IIoT learning curve is steep, slippery, and potentially costly. Choosing the wrong network architecture can limit more than its performance or scalability. It can limit your ability to protect your enterprise from cyberthreats.
For more information on how we or one of our carrier partners can help you secure your network and take advantage of all IIoT has to offer, email us at firstname.lastname@example.org or call us at (844) 403-5852.