Connecting Enterprises Need Secure-by-Design

/by

All over the world, enterprises are connecting. Inspired or pushed by the growing interest in the Internet of Things (IoT), companies are looking into how they can connect and exchange data with their customers, their suppliers, their branches, and among themselves. And they are quickly discovering that current security models are not adequate. A recent Frost & Sullivan report points towards “security-by-design” instead of “security-by-default” as critical for the connected enterprise.

How did we get to this point? On the industrial side, operational technology (OT) has garnered a wealth of experience in data connectivity through SCADA (Supervisory Control and Data Acquisition) systems that provide plant-wide real-time communications for mission-critical industrial processes. In this space, the promise of the Internet of Things (IoT) is being embraced and extended as the Industrial IoT (or IIoT) among the likes of GE, IBM, and others.

At the same time, these new opportunities for connecting to the plant have caught the interest of the traditional information technology (IT) people within the enterprise. For decades the “top floor” of management has been cut off from what happens on the “shop floor” of operations. Now, using IIoT technologies, it seems that there may be new ways of connecting IT to OT, and integrating enterprise systems directly with operations and production.

The big challenge is security. “Solution providers in the IT and the OT ecosystems must join hands to deploy end-to-end cyber security solutions for industrial systems,” according to Julia Nikishkina at Frost & Sullivan in a summary of the report.

The traditional security model for OT networks has until recently relied mainly on physically restricting all access. Many companies simply do not connect their plant operations network to the Internet―at all. As demand for inbound and outbound data access has grown, companies have been turning to VPNs or other add-on security measures to allow some level of connectivity. These, according to the Frost & Sullivan report, are woefully inadequate.

“The influx of IT solutions into the operational technology space highlights the need for security-by-design rather than security-by-default,” says Nikishkina. “As a majority of industries upgrade to smart systems and processes, industrial cybersecurity will soon make the inevitable shift from a reactive operating model to a proactive design philosophy.”

The Frost & Sullivan report describes what is a daily reality for us at Skkynet. Our SkkyHub service demonstrates how secure-by-design actually works, providing a platform for seamless, end-to-end data connectivity between OT and IT. By keeping all firewall ports closed at both the OT and IT ends, it exposes no attack surface to the Internet, and yet provides bidirectional data flow in real time.