The industrial Internet of Things: From preventive to reactive systems — redefining your cyber security game plan for the changing world

Abstract

Information technology (IT) and operational technology (OT) share a common set of technologies, but these platforms differ greatly in operational life cycle requirements, potential life/safety impact, and security assurance requirements for confidentiality versus availability. A new generation of OT platforms, called the Industrial Internet of Things (IIoT), offers both challenges and opportunities to forge new connections between the cyber and physical worlds. The urgency to connect these worlds from a security visibility perspective is high, as attackers can and will attack any connected platform; the classic OT security strategy of air-gapping devices does not adapt well to this new generation of connected devices. As a plethora of devices and systems are connected to allow for IIoT innovation, the increased number of endpoints makes protecting these devices ever more challenging even as they give ample opportunity for attackers. The vital importance of securing devices that run critical infrastructure or life-saving devices is paramount, and proactive and reactive elements must work together to protect, detect and automate response to threats using cloud scale and machine learning to amplify human intelligence. This paper makes suggestions about how to use the power of the cloud, improvements in machine learning and integrated signals in order to detect and remedy security issues. The paper posits that, in order to do that, we must think about where the signal is and how we can aggregate and centralise it to allow machine learning to detect anomalies.