COVID Silver Lining: Accelerating Extended IoT


XIoT Acceleration Unlocked Business Opportunities and Sparked Security Innovation

Most experts agree that over the past two years, COVID has dramatically accelerated digital transformation — by five to ten years — as has the convergence of physical and digital assets. Ransomware attacks against hospitals, oil pipelines, food supply chains and other critical infrastructure have highlighted the high criticality of cyber-physical systems (CPS) and their exposure to attack. With more time, the security industry would have been better prepared to deal with the cyber risks of converged CPS. However, I would like to state that this acceleration and the functions it has imposed are the silver lining of the COVID pandemic. Here’s why.

Let’s start by defining what we mean by CPS. NIST defines CPS as “comprising interacting digital, analog, physical, and human components designed to function through integrated physics and logic.” Other expressions include IoT, Industrial Internet, Smart Cities, Smart Grid, and “Smart” Anything (eg, cars, buildings, homes, manufacturing, hospitals, appliances).

For simplicity, these categories can be referred to holistically as Extended IoT (XIoT)with three main components:

1. Industrial IoT (IIoT) and Operational Technology (OT) are all cyber-physical processes and equipment such as Programmable Logic Controllers (PLCs) that support critical processes in industrial environments. These systems are internally connected to workstations generally accessible remotely for maintenance; other cyber components include IIoT devices such as smart sensors. The 16 critical infrastructure sectors as defined by CISA – from manufacturing to energy to transportation – rely on these interconnected processes and systems.

2. Health IoT includes medical imaging equipment such as MRI machines and CT scanners, as well as Internet of Medical Things (IoMT) devices such as smart vital monitors and infusion pumps that support the delivery of critical care in medical settings. healthcare environments. These systems are usually connected to organizations’ computer networks.

3. All other IoT devices used in smart cities, smart grids, enterprise IoT and smart everything.

The acceleration of XIoT has been positive for several reasons, as it:

• Business opportunities unlocked. Projects related to digital transformation and connectivity that were not funded or prioritized due to challenges in managing day-to-day activities and digitizing operations, moved to the top of the list. COVID left us no choice and compelled us to act. What these projects brought, in addition to the flexibility we needed to respond to the pandemic, was the realization that different ways of working and delivering goods and services were not only possible but positive, driving in most cases real savings both on cost and optimization perspective. New technological interconnections have introduced more efficient ways to measure production, calibrate performance, and ultimately manage businesses better.

• Launch of safety innovation. Typically, there is inherent friction between users and security policies. That changed when the pandemic forced us to broaden the definitions of our devices and work processes so that we could operate safely in this new “no-perimeter” world. We needed new security technologies to identify and monitor all devices and processes that were previously not interconnected and the new wide area networks that now touch the XIoT. To accelerate deployments, security became inseparable from the systems it was protecting. This innovation has strengthened and accelerated the adoption of security.

• Prioritizing cybersecurity at the board level. The board has not only been well educated on cyber risks, but in many cases has become an advocate for cyber security as a competitive advantage. Securing the XIoT was an important element, given the prevalence of business-critical systems. Most have been significantly impacted by interconnectivity and have had to rethink how to extend their e-governance to include all assets and devices. The pandemic has demanded that board members, traditionally from finance backgrounds, understand the proactive steps companies need to take around digital transformation and the associated cybersecurity posture to stay relevant and competitive. Reflecting this new reality, many CIOs, CISOs and digital transformation managers have become administrators.

• Increased leadership awareness of XIoT. Finally, we have seen a trend for management teams and CEOs to become familiar with the convergence of cyber and physical systems, to understand the competitive advantages that interconnectivity brings and the inevitable risks, and to learn how to mitigate them through technologies. security and broader global risk governance. The surge in attacks that take advantage of this convergence are different in severity and priority from attacks that compromise computer networks and exfiltrate personal data because they put our lives and livelihoods at risk. Gartner predicts that incidents resulting in physical harm to people, destruction of property or environmental disasters will expose CEOs to personal liability.

In this landscape, security teams prefer security technologies capable of delivering optimized cross-platform solutions that cover complete connectivity between the cyber and physical worlds. Given the scope and complexity of XIoT, it’s understandable that CISOs want to consolidate their risk governance processes and have a complete view of all aspects and elements of their networks, spanning industrial, healthcare and business environments. ‘business. Efficiency and ease of use are also key considerations and we’ve seen a lot of progress in these areas as organizations have had to move at lightning speed to survive and thrive.

For the past two years we have operated under the cloud of COVID. But its silver lining has been the acceleration of XIoT, the value it delivers to organizations and the people they serve. With proof, we can move forward faster, safer, there is no turning back. The opportunities to think and do differently are limitless and exciting!

Galina Antova is Co-Founder and Director of Business Development at Claroty. Previously, she was Global Head of Industrial Security Services at Siemens, overseeing the development of its services that protect industrial customers against cyberattacks. She was also responsible for leading its cybersecurity practice and cybersecurity operations center, which provided managed security services to industrial control system operators. Previously, Ms. Antova worked at IBM Canada, where she held positions in the provisioning and cloud solutions businesses. She holds a bachelor’s degree in computer science from York University in Toronto and an MBA from the International Institute of Management and Development (IMD) in Lausanne, Switzerland.

Previous columns by Galina Antova:

Source link


Comments are closed.