Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

IIOT and the manufacturing sector, what’s the risk?

published on 2022-05-23 14:30:04 UTC by fionabail
Content:

Industrial Internet of Things (IIOT) is increasingly being adopted by the manufacturing sector in response to increasing demand for customisation, customer expectations and the global supply chain.

Two workers looking at a tablet in a manufacturing plant

IIOT allows cost reduction, shorter time-to-market, mass customization and improved safety.

  • CGI’s study reports that 62% of surveyed manufacturing enterprises are already executing digital transformation pilots and programs.
  • Bsquare annual IIoT maturity survey reports that 86% of manufacturers have already adopted IIoT solutions, and 84% of them find IIoT extremely effective.

So, IIOT is helping the manufacturing sector in a myriad of ways, but there are also associated risks with IIOT which firms quick to implement a solution might not be aware of.

  • Incorrect installation allowing security holes. This could be a simple as not changing the default passwords or removing unnecessary user accounts that came pre-loaded.
  • Legacy systems still in place. Replacing an old system with IIOT might makes sense, and even running the two alongside each other for a short while might be useful but leaving a legacy system might open an organisation up to additional security risk if the legacy system is no longer being monitored or is not being patched.
  • Larger attack surface. This means attackers have more systems that they can try and find vulnerabilities within. Considering some IIOT still have weak or no cryptography or authentication and might be using software which is vulnerable to exploits, carrying out research into the security of IIOT is critical.

What can the sector do?

Child hand reaching for building block

Do the fundamentals well:

  • Change all default passwords, enable 2FA wherever possible, have strong access controls, so access is only given on a ned to use basis and this includes programme as well as people
  • Consider regular vulnerability assessments to ensure that there are no obvious vulnerabilities that an attack could use. This is key if your “real estate” changes regularly
  • Get Cyber Essentials accreditation so you can demonstrate to your employees and supply chain that you are taking cyber resilience seriously
Photo of a research team

Carry out your research

  • What does the IIOT supplier do to maintain their own cyber security and that of their product? Share the National Cyber Security Centre’s device security principles for manufacturers and see which security mitigations they are including in their product
  • Do they use 2FA, encryption, secure code repositories?
  • Do they have default passwords that can’t be changed?

Whether you use IIOT or not, the ECRC is here to help.

The ECRC is a policing-led, not for profit, membership organisation, with the aim to increase the cyber resilience within small and medium businesses within the East of England (Hertfordshire, Bedfordshire, Cambridgeshire, Norfolk, Suffolk, Essex, and Kent).

You can contact the Cyber Resilience Centre for guidance and support through our e-mail enquiries@ecrcentre.co.uk or use our online booking system to make an appointment with one of our team.

We recommend that all businesses in the Eastern region consider joining the centre as a free core member. Core members receive regular updates which include the latest guidance, news, and security updates. Our core membership has been tailored for businesses and charities of all sizes who are based across the seven counties in the East of England.

Policing led - business focussed.

Article: IIOT and the manufacturing sector, what’s the risk? - published over 2 years ago.

https://www.ecrcentre.co.uk/post/iiot-and-the-manufacturing-sector-what-s-the-risk   
Published: 2022 05 23 14:30:04
Received: 2022 06 09 10:11:09
Feed: The Eastern Cyber Resilience Centre
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security
Views: 2

Custom HTML Block

Click to Open Code Editor