Cybersecurity a fundamental pillar of IIoT

2019-08-01T13:59:36+00:00 August 1st, 2019|

Cyber-security has been placed firmly under the spotlight as South Africa prepares for the Fourth Industrial Revolution, or ‘Industry 4.0’.

“This Industrial Internet of Things (IIoT) will comprise hundreds, thousands and even millions of connected devices and objects that are controlled remotely, while also collecting useful and, in many instances, critical, or sensitive data with the help of various existing technologies. Robust cybersecurity is, therefore, a fundamental pillar and facilitator of Industry 4.0, considering the potential far-reaching negative ramifications of an attack. These range from compromised physical security, equipment, as well as products and services through to devastating financial and reputational losses,” says Nico Bezuidenhout, business development manager of First Technology Group.

‘Hacktivism’ is an example of a cyber-attack. Image credit: Pixabay

‘Hacktivism’ is an example of a cyber-attack. Image credit: Pixabay

According to experts, the IIoT is expected to comprise about 30 billion ‘things’ by 2020 and as many as 50 billion by 2022, and of serious concern to companies and participants in the public sector are those devices with limited or no cyber security. This is in addition to other weak points, such as compromised sensor- and actuator-equipped technologies.

One of the biggest challenges in this connected era will be managing the many different security solutions from numerous vendors. “Organisations have had no other choice but to continuously invest heavily into multiple layers of security technologies due to the ever-evolving nature of cyber threats. This has, in turn, resulted in a serious disconnect between various security solutions,” Bezuidenhout says.

Increased collaboration and extended partnerships between companies, as well as their supply-chain vendors will also be a major trend moving forward in various industrial sectors of the economy.

A case in point is the mining industry which has become increasingly vulnerable to cyber-attacks since embarking on a digitisation drive. Its cyber footprint has grown significantly as a result of the convergence of traditional information technologies (IT) and operational technologies (OT), or otherwise referred to as Industrial Control Systems (ICS).

A hacker could, for example, exploit weaknesses in connected and networked internet protocol and telemetry devices to manipulate machinery and equipment with the intention of causing injuries and even fatalities, resulting in labour disputes and mine stoppages. This scenario would also have cataclysmic consequences on the overall performance of the business and possibly irreparable damage to the reputation of its brand in the market.

Mining is just one of a number of important industries in the country that is also preparing for the Fourth Industrial Revolution to reduce operating costs, improve productivity and increase safety levels. IIoT is critical to the survival of the African mining industry, which has been beset by a range of challenges, including declining commodity prices, labour concerns, increasing input costs, as well as a constantly evolving and volatile global political landscapes.

The lack of preparedness of the industry for IIoT is mirrored by the damage that it has already incurred as a result of a host of well-orchestrated cyberattacks. These include corporate espionage, such as theft of exploration data or sensitive financial information. This is in addition to the robbery of process information, as well as ICS equipment configuration files and specifications. Worryingly, many cyberattacks have also been launched from within organisations to intentionally remove or sabotage data.

‘Hacktivism’ is yet another typical form of cyberattack orchestrated against mining houses that are usually committed by individuals, environmentalists, as well as socio- and geo-political organisations with various agendas.

Fraudulent e-mail communication is also a well-known technique that has been used to extort personnel into releasing sensitive information.

Industry 4.0 is critical for the reindustrialisation of South Africa and to raise its ability to compete globally, while also closely aligned with those policies aimed at significantly raising the skills levels of the labour force.

Policymakers also understand the important role that these ‘cyber-physical systems’ are able to play in stimulating the development of new local industries that supply sophisticated services and products.

However, its facilitation is dependent on robust cybersecurity, especially in a country that ranks as the third most exposed in the world to cybercrime.

“If companies are not leveraging the best-of-breed technologies, they will simply not be able to tackle real threats in time. This could cause data loss, critical system downtime, reputational damage and, in extenuating circumstances, imprisonment and hefty fines, in terms of General Data Protection Regulation and Protection of Personal Information Act regulations. First Technology Group can successfully challenge Industry 4.0 cyber risks with our robust cyber-security solutions,” concludes Bezuidenhout.