Digital transformation has become an imperative for industrial companies and infrastructure operators. Whether it’s called Industrial Internet of Things, Industry 4.0, or Digitization, companies want to leverage new technologies and broad connectivity to improve performance and enable new business models. Managers of facilities see opportunities to improve operational efficiency and asset performance. Equipment suppliers want to extend service offerings and increase the value of their products.
These developments offer significant benefits, but many companies are concerned with the increased cyber risks. Insecure devices can offer new entry points for attacks. Insecure connectivity can enable lateral movement and expand attacker access to confidential information and critical control systems.
Security Needs to Be Addressed Throughout IoT Device Supply Chains
Ensuring the security of IoT devices and deployments is an essential step in overcoming these cyber concerns. Secure development lifecycle processes (SDLC) can help to ensure secure-by-design devices but this is no panacea. Complex IoT device supply chains offer many opportunities for attackers to undermine device integrity, steal security credentials and compromise collected data. While challenging, technology providers, device OEMs, distributors, implementers, IoT platforms and end users need to recognize and address all security gaps.
ARC, Intel, and Mocana will be discussing some of the most challenging issues in IoT device supply chain security in a webinar on September 18, 2018. I encourage all ARC clients to attend this event and learn more about the issues and available solutions. It’s time for everyone to address the security roadblocks to broader deployment of industrial digital transformation initiatives.
Vice President, Cybersecurity Services
Sid’s responsibilities include leadership of ARC’s Industrial Cybersecurity practice, which develops products and services for protecting industrial facilities. Sid also supports ARC clients in Asset Lifecycle Information Management and the Industrial Internet of Things (IIoT).