To make Industry 4.0 work, manufacturers need to put cyber-safety first

person using ai tool job Image by Freepik

In less than a decade, Industry 4.0 has gone from a little-understood buzzword to a major part of nearly every modern manufacturer’s operations, one which may be worth USD 165.5 billion by 2026. Today, it seems obvious that high-tech manufacturing requires networked devices, robotics, and constant cyber-physical optimisation, so much so that it’s hard to see how we did without them.

However, manufacturing is far and away the industry vertical most likely to be targeted by a cyberattack – high-tech manufacturers working to strict just-in-time deadlines can’t afford to have their machines shut off by ransomware, so they are more likely to pay ransoms, and companies like OEMs may work with dozens of other companies, so one attack can infect equipment belonging to many organisations who could potentially pay ransoms. Perhaps the most damaging attacks may go unnoticed if the hackers are sufficiently skilled: stealing information from manufacturers is big business, with 20% of European companies suffering at least one breach.

The transition from old-style Fordist production lines to digital modern manufacturing operations has made this possible: a modern factory can have thousands of sensors and data connections, and any of these could potentially be compromised. Manufacturing companies must uphold the confidentiality of production and company data to maintain their competitive edge. Simultaneously, they are obligated to protect personal data in compliance with stringent data protection legislation, such as Europe’s GDPR, California’s CCPA, and Brazil’s LGPD. So, how can companies strike a balance between benefitting from Industry 4.0’s improved efficiency and data security?

On-premises data security

At a time when cloud computing is everywhere, security for a single location might seem quaint, but in the manufacturing space it is absolutely necessary. It is also an important cornerstone of cloud-connected organisations – each location needs to be secure on its own terms to prevent the wider cloud from being compromised.

Related to this is the concept of data being at rest and in transit. The plans for a new product could be stored on a hard drive, but could also be sent between departments, and there are significantly different security considerations with both.

Data at rest is inactive – a file stored on a hard drive that is not currently being used – and therefore is ‘locked’ behind the various security and encryption methods that a company might use. When an employee opens the file, they will need to exchange whatever cryptographic information is used to open that file, even if it is just a password, over the company’s internal network, where it could be intercepted, giving bad actors the credentials needed to open the file themselves. Of course, bad actors can steal encrypted data and break its encryption on their own machines, making the problem even more complex.

In many ways, data in transit is more vulnerable than data at rest, and a modern Internet of Things (IoT) manufacturing operation creates a lot of in-transit data, some of it highly valuable. Manufacturers need systems in which data is as secure in transit as it is at rest, and modern security architecture can provide this.

Securing IoT manufacturing

On-premises security can no longer take a walled garden approach, in which the perimeter of the site is secured but internal security is more lax. Sites are also being opened up and cloud services are used to centrally process and exchange data, so on-premises security paradoxically often needs to take off-premises, cloud-based security into account.

Companies need to take a holistic view of on-premises data security, the key element of which include: 

  • Software-based file and folder encryption: Implementing reliable data encryption at the file and folder level is essential to protect data against unauthorised access and meet data protection regulations. This approach ensures that only authorised personnel can access sensitive data, preventing data breaches.
  • Key management: Encryption is only effective if the encryption keys are managed and stored securely. Proper key management ensures that sensitive data remains protected in transit, at rest, and during use, guaranteeing the highest level of data security.
  • Secure file sharing: Manufacturers often need to collaborate with third parties and share data. Secure file-sharing solutions allow companies to exchange data without the risk of data interception, ensuring that confidential information remains confidential.
  • Post quantum cryptography: With the looming threat of quantum computing, post-quantum cryptography offers strong, quantum-resistant cryptographic algorithms for encryption and digital signatures. This ensures that data remains secure even in the face of future technological advancements.
  • Hardware Security Modules (HSMs) for general purpose use cases: HSMs enable key generation, storage, and exchange while meeting various performance and physical security requirements. They also play a crucial role in complying with regulatory mandates and industry-specific security standards.
  • Tokenization: Tokenization replaces sensitive data with non-sensitive tokens, allowing secure business operations without the need to share confidential information. This approach safeguards personal and sensitive data while ensuring operational efficiency.
  • Code and document signing: Code signing allows organisations to prove the trustworthiness of their software, and end users can verify the authenticity of files and programme code. This is essential for ensuring that only legitimate and unaltered software is utilised within manufacturing processes.

Because there is no one-size-fits-all solution for IoT-enabled manufacturing sites, there is no one-size-fits-all solution for their security. When even one sensor with out-of-date security updates can expose an entire network there needs to be a highly active digital security operation, working on multiple levels within the company, with suppliers and using outside experts to ensure that everything is working.

The manufacturing industry’s embrace of digitalisation and IoT technologies has brought about unparallelled opportunities for growth and efficiency. However, the surge in data generation and external threats necessitates robust on-premise data security solutions. These solutions empower manufacturers to protect their sensitive data, comply with data protection regulations, and foster trust in their operations.

By incorporating encryption, key management, secure file sharing, post-quantum cryptography, HSMs, tokenization, and code signing into their cybersecurity arsenal, manufacturing companies can secure their future while embracing the digital age.

Nils Gerhardt, the chief technology officer and head of product for Utimaco

 

 

Article by Nils Gerhardt, the chief technology officer and head of product for Utimaco

Comment on this article via X: @IoTNow_

RECENT ARTICLES
close up small cars model road traffic conception

Carson City upgrades to Iteris’ advanced Vantage Apex sensors

Posted on: April 26, 2024

Iteris has announced that Carson City, Nevada has chosen to upgrade the city’s intersection detection sensors to Iteris’ Vantage Apex hybrid sensors.

Read more

Make the Intelligent Choice: Embed X103 in Smart City Outdoor Devices

Posted on: April 25, 2024

The adage “less is more” is the current state of digital transformation, starting with existing technology that has already proven successful – and then further adapting and streamlining. The “smart

Read more
FEATURED IoT STORIES
What is IoT answer

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This

Read more
iot adoption

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way

Read more
IoT Now Enterprise Buyers’ Guide Which IoT Platform 2021

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT

Read more
CAT-M1 vs NB-IoT

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more
internet of things isometric illustration of connected things

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for

Read more
iot challenges and issues

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into

Read more