https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/footer-logo.png
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Architecture
  • Engineering/Development
  • Security
ioti.com

Security


Thinkstock

Nuclear power plant

Siemens joins Tenable on critical infrastructure protection

Critical infrastructure protection is the focus of a new collaboration between the industrial heavyweight Siemens and security specialist Tenable.
  • Written by Brian Buntz
  • 7th November 2017

In traditional IT security, one of the worst things that can happen to you is that you lose your data in a cyber breach. But the stakes are much higher in the industrial realm. “The Equifax hack was bad,” said Ray Komar, VP of Technical Alliances, Tenable in an interview at the Gartner Symposium in Barcelona. “But imagine an Equifax corollary in the physical world.” Cyberattacks on critical infrastructure could injure workers and potentially harm the public and disrupt the economy.

While the topic of critical infrastructure protection is receiving increasing scrutiny, many industrial organizations have still not addressed fundamental security threats, explained Leo Simonovich, vice president and global head, industrial cyber and digital security at Siemens. For that reason, Siemens has teamed up with Tenable to help energy, utilities and oil and gas companies address cyber risks. “The thing that is interesting about [operational technology] OT security is that just getting a grasp on the basics is hard,” Simonvich said. “You have to understand the protocols. You often have to work with legacy systems and aging infrastructure that often has digital bolted on.” Even discovering what is on the industrial network can be a challenge.

The attack surface for industrial organizations also tends to be much larger than for strictly IT environments. While IT security professionals are often tasked with securing a corporate office, securing the complete an OT environment is much more vast. “You have to secure the edge, the control room and the enterprise network,” Simonovich explained. On top of all of that, there is the need to secure the traditional IT network, which has a growing amount of connectivity to the operational environment. The convergence of IT and OT is this perfect storm. “You no longer have a castle with a moat,” Simonovich added. “You have to have a holistic layered defense to be effective.” 

[IoT Data & AI Summit demonstrates how the next generation of IoT and AI technologies will converge to unlock the intelligence of things. Get your ticket now.]

It is tricky to maintain a 360-degree view of security when there is a considerable skills shortage in the cybersecurity space or to even convey the risk to workers. “For instance, it is often a real challenge to ask the guys with hard hats on to focus on cybersecurity,” Komar said. Getting buy-in from executives and business leaders can also be vexing. “Security has struggled with the classic paradox,” Komar said. “If you do security really well, guess what happens: Nothing. So how do you go justify that spend with an ROI to a CEO?” The fact that there is often a dearth of cybersecurity actuarial data to enable risk-informed spending decisions is another challenge.

Another point of confusion is the rising number of cybersecurity vendors, many offering similar-sounding technologies marketed as veritable silver bullets for cybersecurity risks. “I think there is a ton of noise in the market,” Simonvich said. “Everybody uses the same buzzwords like artificial intelligence. It is hard to figure out what is real.”

“This industry has been rife with what I call the shiny object syndrome,” Komar said. “It is all about: Show me the coolest new widget to help with my security problems. We got away from the fundamentals.”

Komar provided a non-security example to make his point: “There are a bunch of magic pills in the market that supposedly help you burn fat, lose weight and make you feel great. But you are probably better off by eating right and doing your pushups on a consistent basis.”

Siemens and Tenable are hoping that the pendulum will swing back towards emphasizing the importance of fundamental security practices rather than focusing on a singular promising technology.

While a good number of large companies have fundamental security protocols in place, many small- to medium-sized firms don’t. “If you look at where the weakest link is today [in industrial cybersecurity], it is often with small to medium companies,” Simonovich said. “We just did a study with the Ponemon Institute that looked at the maturity of companies. A total of 70% of them had a low to medium maturity. A lot of those companies are still dealing with fundamentals.”

It is true that technologies like artificial intelligence and Blockchain hold real promise for critical infrastructure protection, but, in the end, “it is not about a single piece of technology,” Simonovich concluded. “It is about combining different building blocks together. You take care of the basics, and then you add technologies like cyber asset management and artificial intelligence on top.”

Tags: Article IIoT/Manufacturing Security Technologies Vertical Industries

Related


  • Five Principles in a Zero-Trust Security Approach to IoT
    IoT devices have created vulnerability for IT networks, but a zero-trust security approach can lock down attack vectors. Here are five key principles.
  • Industrial IoT platform
    Industry 4.0 Embraces 5G As Need for Real-Time Manufacturing Data Mounts
    Lacroix Electronics factory is testing 5G technology to fuel real-time manufacturing data and create an Industry 4.0 factory of the future.
  • Image shows an industrial engineer using tablet check and control automation robot arms machine in intelligent factory industrial on real time monitoring system software. Welding robotics and digital manufacturing operation. Industry 4.0 concept
    Using IoT for Safety Is a Priority for Many Industrial Firms
    As COVID-19 has transformed work environments, many industrial firms are turning to IoT-for-safety applications.  
  • 5G in Manufacturing Shows Promise, but Rollouts Are Incremental
    While 5G in manufacturing is poised for breakout, it may take time to take hold.

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • Drone Technology Extends Reach of Mobile IoT
  • Protecting Your Network Against Ripple20 Vulnerabilities
  • Smart and Flexible Automotive and Tire Production
  • Argent Case Study

News

View all

Private LTE Market Projected to Grow to $13 Billion

12th January 2021

IoT World Announces 2021 IoT World Advisory Board

9th December 2020

White Papers

View all

Zero Trust Manufacturing: Navigating Complex Supply Chains to Build Trusted IoT Devices

27th January 2021

IoTConnect and How to Get Started

27th January 2021

Special Reports

View all

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Webinars

View all

Weber’s Journey: How a Top Grill Maker Serves Up Connected Cooking

25th February 2021

From Insights to Action: Best Practices for Implementing Connected Device Security

15th December 2020

Galleries

View all

Top IoT Trends to Watch in 2020

26th January 2020

Five of the Most Promising Digital Health Technologies

14th January 2020

Industry Perspectives

View all

IoT Spending Holds Firm — Tempered by Dose of ‘IoT Pragmatism’

1st December 2020

The Great IoT Connectivity Lockdown

11th May 2020

Events

View all

IoT at the Edge

17th March 2021

Embedded IoT World 2021

28th April 2021 - 29th April 2021

IoT World 2021

2nd November 2021 - 4th November 2021

Twitter

IoTWorldToday, IoTWorldSeries

#IoTpentesting is critical as #IoTdevices proliferate and #edgecomputing becomes the norm. dlvr.it/RrWr0Y https://t.co/LsMH1VJJFk

28th January 2021
IoTWorldToday, IoTWorldSeries

Zero Trust Manufacturing: Navigating Complex Supply Chains to Build Trusted IoT Devices dlvr.it/RrTDP4 https://t.co/fuH0GrHJrX

27th January 2021
IoTWorldToday, IoTWorldSeries

PKI: The Solution for Designing Secure IoT Devices dlvr.it/RrTDNF https://t.co/KBWcsksAQi

27th January 2021
IoTWorldToday, IoTWorldSeries

Five Guiding Tenets for IoT Security dlvr.it/RrTDGS https://t.co/Ss17Vn4sFw

27th January 2021
IoTWorldToday, IoTWorldSeries

📢 Announcing #EIOTWORLD Silver Sponsor @ONETech_AI! 💡 Learn more about sponsoring Embedded IoT World here:… twitter.com/i/web/status/1…

27th January 2021
IoTWorldToday, IoTWorldSeries

IoTConnect and How to Get Started dlvr.it/RrT1gl https://t.co/6Vci1hvOV2

27th January 2021
IoTWorldToday, IoTWorldSeries

RT @IoTWorldToday: #IoTsecuritytrends in 2021 will feature new threats given #remotework, #digitalhealth and #edgecomputing. https://t.co/S…

27th January 2021
IoTWorldToday, IoTWorldSeries

#IoTsecuritytrends in 2021 will feature new threats given #remotework, #digitalhealth and #edgecomputing.… twitter.com/i/web/status/1…

25th January 2021

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X