What are the IT security risks to which industrial plants and IIoT in particular are exposed?
In the modern landscape, where industrial operations seamlessly integrate with technology, cybersecurity is a concern not only to safeguard production but also to mitigate the risk of physical incidents that may involve employees. The digitization of industrial plants has led to unprecedented efficiency and connectivity, but it has also paved the way for a series of vulnerabilities and security risks. However, this progress is not without challenges. The integration of IIoT has increased the attack surface, multiplying potential entry points for cybercriminals. From sensors to engineers’ workstations, every device represents a possible vulnerability if not adequately updated and monitored. Furthermore, legacy systems present in industries, which are difficult to replace and impossible to update, become vulnerable if connected to modern IIoT devices. ICS communication protocols lacking encryption, authentication, or access controls present the same dynamic. Attackers can use sniffing software to intercept and manipulate traffic. Finally, critical information gathered from IIoT devices to improve production is of interest to cybercriminals, putting at risk both operational integrity and the leakage of sensitive information.
How do you assess the current level of perception/information on real risks?
Despite the OT sector agreeing on the importance of cybersecurity, there is still a significant gap between awareness and practical skills in the OT sector. Last year, we observed a sharp increase in attacks on the industrial sector: a symptom of increased interest from cybercriminals but also of greater ease of compromise. The potential cybersecurity risks associated with this sector are often underestimated, leading to insufficient security measures. The complexity of technologies requires specialized cybersecurity skills, which are often inadequate and insufficient.
What strategy do you suggest to adopt?
To bridge this gap, an effort from all stakeholders is necessary, including industrial device manufacturers, industry regulators, and the cybersecurity community in general. It is essential to create a solid security culture with regular awareness and training of all employees. The implementation of layered security measures, such as network segmentation, strong access control, and regular updates, is crucial. Improving network visibility through continuous monitoring and an effective incident response plan are essential components. Investments in advanced security technologies, including protecting industrial devices and monitoring their vulnerabilities, ensure proactive defense capable of adapting to the rapidly evolving cyber threats.
What do you suggest in terms of solutions/consulting/installation?
It is crucial to implement specific technological solutions identified based on the vertical characteristics of the enterprise; after conducting a security audit to identify any misconfigurations, vulnerabilities, risk vectors, it is necessary to prioritize to select the most appropriate technologies to protect the infrastructures and the entire OT environment.
The Industrial Internet of Things (IIoT) is now an integral part of overall threat modeling, so it is essential to consider devices as potential targets. When the company develops its security strategy, it must also take IIoT devices into account and opt for solutions which protect and limit attacks on IIoT devices.
It is also important a greater awareness of the objectives of malicious campaigns targeting industrial organizations, as well as information on the vulnerabilities present in the most common industrial control systems and underlying technologies, is essential. However, security technologies must be complemented by specific training sessions for all employees, from engineers to workers to reception staff, to raise awareness of cyber threats targeting “human vulnerability.”
For more information about trainning, visit the Industrial Cybersecurity Center Professional School page
Autor:
Marco Di Costanzo
CCI Coordinator for Italy