IoT: Are SASE and Zero Trust the key?

IoT: Are SASE and Zero Trust the key?
Advertisement

Share post

Are SASE and Zero Trust the key to secure IoT implementation in production environments? As manufacturing companies dive headfirst into smart factory initiatives, the number of IoT devices in factories, warehouses, and across supply chain infrastructure is exploding. 

Companies want to use the Internet of Things in various places, e.g. B. with the help of video cameras on the assembly line, temperature sensors on cooling units or telemetry sensors for the maintenance of factory facilities. But while trying to capitalize on the tremendous business benefits of the intelligent devices in the industrial IoT, they must also weigh the potential risks that the IIoT is increasingly bringing to manufacturing environments.

Advertisement

Security architecture for Industrial IoT

With the explosion of IoT in manufacturing, new challenges are emerging. They require companies in this sector to develop a modern security architecture that can cope with these challenges. Recent industry studies consistently show that manufacturing companies are embracing intelligent manufacturing and the Internet of Things (IoT) at scale as the linchpin of their success in the years to come.

Smart manufacturing and the advent of the IoT

According to Deloitte's 2022 Manufacturing Industry Outlook, approximately 45 percent of manufacturing executives expect to increase operational efficiencies by investing in the Internet of Things (IoT), which connects machines and automates processes. The State of Smart Manufacturing Report, released by Plex this spring, found that for 83 percent of manufacturing companies, smart manufacturing is a key to their company's future success. Smart devices and IIoT are among the most widely used projects to make smart manufacturing a reality. About 49 percent of companies have already deployed smart devices and 45 percent have adopted IIoT in production, another 35 percent and 36 percent plan to deploy these technologies.

Advertisement

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.

This means that a large part of the computing power in production is shifted to the peripheral areas. AT&T's recent analysis in collaboration with IDC for the AT&T Cybersecurity Insights Report: Securing the Edge-A Focus on Manufacturing found that the manufacturing industry is one of the most advanced in implementing edge applications. The report shows that 78 percent of companies worldwide are planning, partially or fully implementing an edge use case.

Demand for secure remote access

This type of progress found in the report aligns with other industry studies monitoring the progress of digital transformation in manufacturing. A recent study by Palo Alto Networks states that the demand for secure remote access in the manufacturing industry is quickly outstripping other industries.

Among the many use cases mentioned, e.g. For example, smart warehousing, remote operations, and advanced maintenance, video-based inspection was the top priority cited by manufacturing industry respondents in the AT&T Cybersecurity Insights Report. This is an excellent example of how the IIoT is being used to improve efficiency, quality and speed on the factory floor. At the same time, they help companies to meet the challenges in the human resources area.

Risk in production: non-patchable IoT devices

Video-based inspection is also a great example of how IIoT devices can simultaneously increase cyber risk in manufacturing environments. In use cases like this, IoT devices are increasingly connected to OT networks and devices on the shop floor. At the same time, they also give employees access outside of the manufacturing environment to do their work remotely. This is also true for many extended maintenance use cases, which have been cited as the second top edge priority in manufacturing. This increased connectivity opens up a larger attack surface in production environments.

IoT: Gladly installed and then forgotten

🔎 SASE structure to protect enterprise IIoT (Image: Palo Alto Networks).

At the same time, many IoT devices are installed once and then rarely or never patched again. Sometimes the devices are so simple and unidirectional in data flow that it can be difficult to remotely update their software. In other cases (as is often the case in the world of IoT cameras), device manufacturers simply provide little support for updating vulnerable software. And in even more cases, the devices may have been installed alongside very sensitive industrial machinery, where tolerances for downtime are infinitesimal and maintenance windows for patching are almost non-existent.

All of these factors are likely a major contributor to why only 29 percent of manufacturing industry respondents to the AT&T Insights Report said they plan to use patching as a security control to protect components in their edge applications. Without frequent patching, these devices are potentially vulnerable to compromise.

SASE and Zero Trust for effective IoT security

Manufacturing companies can only address the grand challenge of IoT in their environments through the intelligent use of compensating controls and an effective security architecture.

Across the board, manufacturing companies are transitioning to a modernized network with uniform security. The survey results show that they need to offer positive digital experiences not only to their customers, but also to employees on and off the shop floor. One of the key methods leading industrial companies are using to meet these requirements is the use of the Secure Access Service Edge (SASE) architecture and Zero Trust methods.

SASE and Zero Trust enable a network design to securely enable innovative edge use cases in the factory and beyond. SASE offers manufacturing companies a fast means to secure the IoT edge and maintain the flexibility of connectivity between manufacturing plants and cloud infrastructure.

SASE can mitigate the risk of unpatched IoT devices

They also allow for the introduction of compensatory controls that can help address issues such as an expanded threat surface resulting from increased use of the IoT. For example, SASE's threat services can help offset the added risk of vulnerable, unpatched devices. IoT use cases such as video-based inspections are just a few of the many security use cases where SASE is helping manufacturing companies to progress.

More at PaloAltoNetworks.com

 


About Palo Alto Networks

Palo Alto Networks, the global leader in cybersecurity solutions, is shaping the cloud-based future with technologies that transform the way people and businesses work. Our mission is to be the preferred cybersecurity partner and protect our digital way of life. We help you address the world's biggest security challenges with continuous innovation leveraging the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are the leaders in protecting tens of thousands of businesses across clouds, networks and mobile devices. Our vision is a world where every day is safer than the one before.


 

Matching articles on the topic

Attacks on the supply chain

Attackers have always looked for the weakest link in the chain in order to break through a defence. That has also become fashionable ➡ Read more

Development 2022: cybercrime, wars, ransomware

In its report "2023 State of Malware", security expert Malwarebytes compiles the developments of the year 2022: Geopolitical cybercrime, ransomware and ➡ Read more

Top malware in Q1-2023: Qbot, Formbook, Emotet

Check Point's Spring 2023 Global Threat Index shows that malware Qbot, Formbook, and Emotet am ➡ Read more

Plus 8 percent: More money for IT security in companies

Small and medium-sized as well as large companies in Germany have decided to invest a larger part of their IT budget in the next three years ➡ Read more

70 percent of XIoT vulnerabilities critical or high

The new State of XIoT Security Report: 2H 2022 shows that 71 percent of vulnerabilities with a CVSS v3 score of “Critical” (9,0-10) ➡ Read more

Security Report 2023: More disruptive and destructive malware

As Chech Point's 2023 Security Report shows, there is an increase in cyberattacks of 38 percent and over ➡ Read more

Are companies well positioned when it comes to cyber security?

Are companies really well positioned when it comes to cybersecurity? 61 percent of the global companies surveyed in a Bitdefender study attest to one ➡ Read more

US Government: New Cyber ​​Security Strategy

The US government under President Biden has published a new cyber security strategy. The almost 40-page strategy paper is also clearly about this ➡ Read more