Specifically, the application of IoT to industrial systems is known as IIoT (Industrial Internet of Things). According to a report by the Bankinter Innovation Foundation, backed by research from the APC, America leads the adoption of this technology at 45%, followed by EMEA (33%) and the Asia-Pacific (22%). Large companies such as General Electric, a multinational conglomerate that operates through a range of sectors, have adopted the technology, with GE installing some 10,000 sensors in its battery manufacturing plant. These sensors are connected to more than 400 factories worldwide and serve to collect thousands of process variables every 250 milliseconds. This is where IoT's success in industrial processes lies.
Companies that adopt IIoT experience instant benefits: greater cost savings, higher productivity through reduced manufacturing times, and greater production speed and optimization of quality levels through lightning-fast data and computers. In short, a host of benefits that deliver added value for customers, who will profit from the possibilities of the intelligent factory by responding to the needs of a connected society and accelerate the time to market.
Organization of the new ecosystem
An understanding of how IT infrastructure is structured, as well as its necessary convergence with OT (operational technology) infrastructure, is required to successfully implement these profound changes. The element of cybersecurity is also crucial for a successful transition, thus making it vital to identify the professionals responsible for this transformation or convergence. Under standard conditions, the CIO takes full responsibility for the digitization process. The CIO must also be able to efficiently shift to Industry 4.0, an efficiency that also translates into better management of the company’s cyber security. However, the responsibility does not lie with the CIO alone. As the company point person at the operational level, the COO would be the perfect counterpart to the CIO, nor can we forget about the CISO, a position more focused on corporate security. Creating a connection between these three professionals is vital for efficient management of the company's security.
Cybersecurity at industrial facilities
The shift towards industry 4.0 involves cybersecurity issues that need to be solved to ensure industrial process efficiency and guarantee data security. According to a report by Palo Alto Networks on practices to protect IoT, companies have exponentially increased the number of IoT devices connected to their networks. Faced with this influx of connected devices, 41% of IT managers surveyed recognize that many improvements are needed in the way IoT security is approached, and 17% say they need a complete overhaul. Nearly 1 in 4 of the respondents reported that they have not segmented IoT devices into separate networks, a critical practice for building secure, intelligent networks. Only 21% reported following best practices in using micro-segmentation to contain IoT devices in their own tightly controlled security zones.
The challenge faced by industry 4.0 is to work on the convergence between IT management and OT management to guarantee the exchange of information between a digital company managed by the first and the industry’s operational technological needs managed by the second. This requires that IT and OT work hand in hand and align in this process. In terms of infrastructure availability, a few hours of downtime are acceptable in IT, while unavailability is unacceptable in OT because it paralyzes the production process. As far as risk analysis is concerned, it is standard practice in IT and less so in OT, although it may be compulsory in some regulated markets. Similarly, patch distribution is a common and well-defined practice in IT, but the opposite is true in OT. In the event of a possible impact on the implemented infrastructure, IT often has certain internal capacities in the company, while such competencies may be internal and/or outsourced in OT. Finally, the life cycle of an asset in the IT field is 3 to 5 years, while in OT it is 15 to 20 years, and the latter can become obsolete and vulnerable if adequate maintenance has not been performed.
Against this background, everis can help all those companies that decide to take this necessary step to adapt their corporations to a new era that is eminently digital, but also eminently safe. In a use case and in light of the lack of knowledge in the organization about the number of devices connected to the network, everis identifies two core issues: on the one hand, extremely outdate devices over 15 years old and over which control has been lost, and on the other hand, changes in devices not controlled by maintenance, third party access, etc. As a solution, an infrastructure analysis is performed in line with the corporate methodology in order to understand the problem, propose possible solutions, and install the Nozomi appliance. As a final result, a report is prepared on the cybersecurity status and the tool is used to create an inventory of assets, all with the aim of securing the networks and connected devices and facilitating that necessary switch to Industry 4.0.