In the race to digitally transform, many companies are adding a serious number of IoT sensors, meters, and high-definition video into their operational processes. Think proximity sensing and contact tracing for public transportation, IoT soil sensors in agriculture, or IoT sensors communicating with robots in manufacturing.
More sensors equal more data, which will most likely be processed by edge computing. But adding exponentially more devices on a network exponentially adds more “windows” to open for a potential cyber-attack. These windows of vulnerability are keeping information technology (IT) managers and operational technology (OT) managers up at night.
Converging of IT and OT presents a new challenge to security practices
In the past, IT and OT have maintained a clear distinction, never overlapping their boundaries. The distinct separation between IT and OT departments has been characterized by organizational silos and ingrained into the company culture. Historically, IT systems have been used for managing business applications in the front office. OT was usually made up of fully complete and proprietary systems in operations. In today’s operations like factories, IT and OT are converging — propelled by the need to automate for higher productivity and flexibility. OT managers are excited by the possibility of increased automation and terrified about the disabling consequences of a cyber breach.
This converging of IT and OT systems with the increased use of IoT in industrial environments presents a new challenge to existing security practices. The focus expands from protecting a centralized, single entity to protecting many distributed edge sites with tens, hundreds, or thousands of attached IoT devices.
Securing edge computing installations and endpoint devices
We decided to write white paper 12: An Overview of Cybersecurity Best Practices for Edge Computing to provide guidance on how to secure edge computing installations and the associated exponential rise in endpoint devices. The overview of best practices is provided for each of these four elements:
- Device selection criteria
- Secure network design: Defense-in-Depth Network (DDN), network segmentation, intrusion detection system, Secure Access Service Edge (SASE)
- Device setup/configuration
- Operation and maintenance: patch management, vulnerability management, penetration testing
These practices reduce the risk of breaches. The white paper provides examples for these practices along with associated cybersecurity standards. The paper also discusses how Microsoft introduced the Security Development Lifecycle (SDL) and IEC 62443, which is accepted worldwide in defining security standards developed by industrial control experts.
One of the most overused and abused phrases
It is true that one of the most overused and abused phrases is IT and OT convergence. But it’s really starting to happen when adding edge computing and IoT sensors into OT applications, presenting new cybersecurity challenges.
Whether you are directly responsible for the ongoing operations or are an IT manager responsible for overall cybersecurity, you would benefit from reading the overview and recommendations in white paper 12: An Overview of Cybersecurity Best Practices for Edge Computing. You may even sleep through the night.