https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/footer-logo.png
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Architecture
  • Engineering/Development
  • Security
ioti.com

Security


Thinkstock

Nuclear power plant

Siemens joins Tenable on critical infrastructure protection

Critical infrastructure protection is the focus of a new collaboration between the industrial heavyweight Siemens and security specialist Tenable.
  • Written by Brian Buntz
  • 7th November 2017

In traditional IT security, one of the worst things that can happen to you is that you lose your data in a cyber breach. But the stakes are much higher in the industrial realm. “The Equifax hack was bad,” said Ray Komar, VP of Technical Alliances, Tenable in an interview at the Gartner Symposium in Barcelona. “But imagine an Equifax corollary in the physical world.” Cyberattacks on critical infrastructure could injure workers and potentially harm the public and disrupt the economy.

While the topic of critical infrastructure protection is receiving increasing scrutiny, many industrial organizations have still not addressed fundamental security threats, explained Leo Simonovich, vice president and global head, industrial cyber and digital security at Siemens. For that reason, Siemens has teamed up with Tenable to help energy, utilities and oil and gas companies address cyber risks. “The thing that is interesting about [operational technology] OT security is that just getting a grasp on the basics is hard,” Simonvich said. “You have to understand the protocols. You often have to work with legacy systems and aging infrastructure that often has digital bolted on.” Even discovering what is on the industrial network can be a challenge.

The attack surface for industrial organizations also tends to be much larger than for strictly IT environments. While IT security professionals are often tasked with securing a corporate office, securing the complete an OT environment is much more vast. “You have to secure the edge, the control room and the enterprise network,” Simonovich explained. On top of all of that, there is the need to secure the traditional IT network, which has a growing amount of connectivity to the operational environment. The convergence of IT and OT is this perfect storm. “You no longer have a castle with a moat,” Simonovich added. “You have to have a holistic layered defense to be effective.” 

[IoT Data & AI Summit demonstrates how the next generation of IoT and AI technologies will converge to unlock the intelligence of things. Get your ticket now.]

It is tricky to maintain a 360-degree view of security when there is a considerable skills shortage in the cybersecurity space or to even convey the risk to workers. “For instance, it is often a real challenge to ask the guys with hard hats on to focus on cybersecurity,” Komar said. Getting buy-in from executives and business leaders can also be vexing. “Security has struggled with the classic paradox,” Komar said. “If you do security really well, guess what happens: Nothing. So how do you go justify that spend with an ROI to a CEO?” The fact that there is often a dearth of cybersecurity actuarial data to enable risk-informed spending decisions is another challenge.

Another point of confusion is the rising number of cybersecurity vendors, many offering similar-sounding technologies marketed as veritable silver bullets for cybersecurity risks. “I think there is a ton of noise in the market,” Simonvich said. “Everybody uses the same buzzwords like artificial intelligence. It is hard to figure out what is real.”

“This industry has been rife with what I call the shiny object syndrome,” Komar said. “It is all about: Show me the coolest new widget to help with my security problems. We got away from the fundamentals.”

Komar provided a non-security example to make his point: “There are a bunch of magic pills in the market that supposedly help you burn fat, lose weight and make you feel great. But you are probably better off by eating right and doing your pushups on a consistent basis.”

Siemens and Tenable are hoping that the pendulum will swing back towards emphasizing the importance of fundamental security practices rather than focusing on a singular promising technology.

While a good number of large companies have fundamental security protocols in place, many small- to medium-sized firms don’t. “If you look at where the weakest link is today [in industrial cybersecurity], it is often with small to medium companies,” Simonovich said. “We just did a study with the Ponemon Institute that looked at the maturity of companies. A total of 70% of them had a low to medium maturity. A lot of those companies are still dealing with fundamentals.”

It is true that technologies like artificial intelligence and Blockchain hold real promise for critical infrastructure protection, but, in the end, “it is not about a single piece of technology,” Simonovich concluded. “It is about combining different building blocks together. You take care of the basics, and then you add technologies like cyber asset management and artificial intelligence on top.”

Tags: Article IIoT/Manufacturing Security Technologies Vertical Industries

Related


  • HPE Edgeline Converged Edge Systems
    Converged OT and enterprise IT in a single rugged system for the edge
  • smart manufacturing
    Smart Factory Technology Upgrades: 5G, Cybersecurity Dominate
    Forrester's An expert says that smart factory technology investments while focusing on solving tangible problems.
  • IoT security
    Zero-Trust Security for IoT: Establishing Rigorous Device Defenses
    IoT security pros can benefit from zero-trust security to authenticate rogue devices that try to connect to a network. Zero trust should be the hallmark of your IoT strategy.
  • At Microsoft Ignite: How IoT and Robotics Are Driving Industry 4.0
    Microsoft ignite laid bare the gathering steam of robotics given the reduced price of hardware and the increasing sophistication of AI.

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • How To Become A Software-Driven Car Manufacturer with an Autonomous Digital Platform
  • Persistent Pandemic Heightens Need for Supply Chain Data Transparency
  • Protecting Your Network Against Ripple20 Vulnerabilities
  • IoT Security Trends, 2021: COVID-19 Casts Long Shadow

News

View all

Webex Collaboration Banks on Hybrid Workplace Model at Cisco Live 2021

2nd April 2021

Cisco Enlists Networking Automation, CX Cloud in COVID-19 Response

31st March 2021

White Papers

View all

Telehealth and COVID Infographic

30th March 2021

Medical Supply Chain Management with Smart Devices and Sensors

30th March 2021

Special Reports

View all

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Webinars

View all

Weber’s Journey: How a Top Grill Maker Serves Up Connected Cooking

25th February 2021

From Insights to Action: Best Practices for Implementing Connected Device Security

15th December 2020

Galleries

View all

Top IoT Trends to Watch in 2020

26th January 2020

Five of the Most Promising Digital Health Technologies

14th January 2020

Industry Perspectives

View all

IoT Spending Holds Firm — Tempered by Dose of ‘IoT Pragmatism’

1st December 2020

The Great IoT Connectivity Lockdown

11th May 2020

Events

View all

Embedded IoT World 2021

28th April 2021 - 29th April 2021

The Virtual Industrial AI Summit

29th June 2021 - 30th June 2021

IoT World 2021

2nd November 2021 - 4th November 2021

Twitter

IoTWorldToday, IoTWorldSeries

🥳Happy #IoTDay! How are you celebrating? We're giving $50 off All Access Passes to join our upcoming virtual event,… twitter.com/i/web/status/1…

9th April 2021
IoTWorldToday, IoTWorldSeries

🎉 Announcing #EIOTWORLD sponsor, @InnoPhaseinc — a fabless wireless semiconductor platform company specializing in… twitter.com/i/web/status/1…

8th April 2021
IoTWorldToday, IoTWorldSeries

Digital Health Infrastructure Benefits From Cloud-to-Edge Architecture dlvr.it/RxBwQ4 https://t.co/AILVdUVWDA

7th April 2021
IoTWorldToday, IoTWorldSeries

Meet the #EIOTWORLD keynote lineup: Google, Facebook, Linux Foundation, STMicroelectronics, Antmicro, OpenHW Group,… twitter.com/i/web/status/1…

6th April 2021
IoTWorldToday, IoTWorldSeries

Network Data Analytics Supports Back-to-Work Health and Safety dlvr.it/Rx5xlL https://t.co/VvxxpdUMJ3

6th April 2021
IoTWorldToday, IoTWorldSeries

IoT Cybersecurity Act Places Security Onus on Device Makers dlvr.it/Rx2jHK https://t.co/fyd3nQ1r1Z

5th April 2021

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X