Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What you need for IoT security (Part 2): Security in the manufacturing and operation process

Manoj Kumar Rai, Head of M2M Solutions, South Asia & Japan, Gemalto | July 11, 2016
This is the second article on IoT security, dealing with security of the manufacturing and operation process.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

Part 1 | Part 2 | Part 3 | Part 4 | Part 5 Part 6 | Part 7 | Part 8 

In our previous article, we discussed how successful deployment of IoT will require careful planning and design, to secure each vulnerable point in the ecosystem. The sheer scope of connected devices and data collected is simply unimaginable. To make matters complicated, these devices and data can now be present anywhere - on premises, virtual servers, or on clouds - and use new communication technologies, making sensitive data move beyond the traditional perimeters of our offices and homes.

Spurred by private sector awareness and increasing cybercrime, it is predicted that, Asia Pacific organisations will spend $22 billion on critical infrastructure technologies by 2020, according to ABI Research. The lucrative original equipment manufacturers (OEMs) market - which ties Asia Pacific to electronic manufacturers worldwide - is also an attractive target for hackers and malware creators. As demand grows for Internet of Things (IoT) solutions, OEM vendor spending on security must increase to meet customers' concerns. More businesses will turn to Asia Pacific's expanding roster of OEMs and original design manufacturers (ODMs) for partnerships and joint research and development agreements, according to IDC.

The manufacturing industry is already the golden goose as far as the cybercriminal is concerned, with Verizon 2015 Data Breach Investigations Report rating it as the third most highly targeted industry. It is not a new target of cyber-attacks, but is experiencing new kinds of attacks. From state-backed spies wanting to steal sensitive information about a country's assets, to organised crimes aiming to make money from stealing and reselling intellectual property or extortion, or even simple hackers creating disruption to prove a point, manufacturing industry will see increasingly sophisticated cyber threats.

Todays' manufacturers leverage an increasingly distributed mix of third-party vendors and partners, to source, build, assemble, distribute, and maintain its products. The modern ecosystem requires timely distribution of not only materials, but volumes of sensitive information such as intellectual property, source code, binary code, patents, product designs, market research, customer information, business plans, and other resources. While this distributed supply chain model provides improved agility and profits, it has also created a range of potential security vulnerabilities targeting the whole ecosystem. In the past, threats were typically about exploiting weaknesses, but this is likely to change to a more disruptive pattern as sophisticated attacks purposely seek to target intellectual property, or cause sabotage or business losses. According to a 2014 Kaspersky Lab Survey, one in every five manufacturing businesses lost intellectual property in 2013 to security breaches.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.