By Stephan Neumeier, Managing Director at Kaspersky
Industrial 4.0 or what we otherwise call the digitalization of industries is already here. In fact, four out of five organizations now do recognize the importance of operational network digitalization.
The natural progression from mechanization to electricity to automation and computers has made the shift a reality. We are now in the midst of a new world of cyber physical systems fueled by big data and artificial intelligence.
We have reached the point where humans are harnessing the power of technology to address the inevitable and catastrophic natural challenges our generation is currently facing. Recent years have seen the rise of smart farming, smart energy harnessing and consumption through blockchain, and more.
In fact in Singapore, a smart floating fish farm has been launched recently by Singapore Aquaculture Technologies (SAT), a subsidiary of Wintershine. As the first of its kind in the Asian country, the climate-resilient aquaculture facility promises to address the shortage of fish supply by delivering 350 tonnes of fish per year to Singapore households.
The fishes are so fresh, clean, and taste amazing. I know, because I have tasted them. Thanks to the smart sensors and systems which regulate the fishes’ feeding, the water’s temperature, acid level, and more vital parameters.
By now, you would also have realized that thousands of factories around the world employ robots that perform actions by following pre-programmed routines. These robots, also called industrial robots, are used pervasively in carrying out complex and critical tasks in all major industry sectors such as aerospace, automation, packaging and logistics. But as with any computing system, vulnerabilities in industrial components are inevitable.
While robots simplify the task and boost efficiency on the production floor, such Industry 4.0 technologies have become highly attractive cybercrime targets, too.
Only customers who have and will invest in comprehensive industrial security assessments would know what challenges they face and what steps they need to take care of to be able to handle and overcome the challenges and risks.
For instance, the smart floating fish farm I mentioned is considered to be a critical sector by Singapore Food Agency. SAT acknowledges the need to fend off future cyberattacks, hence tapping Siemens and Kaspersky to protect its networks against malicious virtual intruders.
So far, among the top risks to industrial systems that our security experts see include:
1. Unintentional infection of an industrial network
2. Fraudulent activity by employees
Gaining access to a constantly-updated database with information on vulnerabilities in ICS and industrial IoT (IIoT) products is crucial for industrial organizations with Industry 4.0 environments.
Well, that is from an industrial or enterprise perspective.
How does the rise of industrial 4.0 and digitization affect the everyday people?
You and me in IoT
Without knowing, everyone is actually part of this revolutionary change. Everyone, including you and I. Just by clicking a button – you are already part of an Industry 4.0 production.
For example, your customization would be automated from the minute you are online. From selecting the design or perhaps a shoes you wanted personalized, up to its production, the finished product and delivery.
If someone were to disrupt the process midway, it would ruin the shoes but it is not life threatening. However, in some cases, when you are part of an automated process, it can mean physical damage.
For your pharmaceutical needs, just go online and repeat the same process above. The customized drug get produced in the digital way according to your prescriptions. But if a cybercriminal disrupt the process, perhaps change your ordered dosage to a higher level, it can and eventually be life threatening.
Going back to the smart fish farming, suppose the networks and sensors were not secured, a cybergang can infect the water with poison resulting to fresh-looking but poisoned produce which can put lives of consumers at risk.
So having proper security practices and processes in place ensures that data is accessible only to those who should view or manage it. The same security protocol means data will be totally off-limits to unauthorized entities.
Establishing a Security Operation Center (SOC) is an example. With a SOC, possible cybersecurity incidents against an entire organization are immediately mitigated as data of suspicious activities are continuously collected and analyzed by one team.
A SOC is defined both as a shifting 24/7 team and a facility formed to predict, prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance.
Look into the financial industry – digitalize for many years. They did not have a choice as they are dealing with a lot of data and a lot of money. They are forced to adopt policies, evolve and deal with live data. They are forced to evolve.
However, for the rest of the industry, they are moving with the natural growth of the industry and digital process. They are already part of the process whether they like it or not. From initiating the process and closing the process, is a closed digital loop. Exactly like a bank.
They have to realize that they need to evolve.
But it is a worthwhile investment. And it’s just the first step towards establishing an organization’s ability to adapt and advance in the context of the existing threat landscape. Having an empowered internal SOC ensures that the business is prepared for any cybersecurity incidents and enables it to recover from an attack more quickly and efficiently.