- While the COVID-19 pandemic is accelerating digital transformation, companies deploying 4.0 technologies are likely to recover faster from the disruptions caused by the pandemic and be more resilient in the future.
- As more industries demand remote operations and shift to digital solutions, there is an increased cybersecurity risk, especially at the edge.
- Schneider Electric delves into four best practices industries can utilize to maximize cybersecurity—selection criteria, secure network design, device configuration, and operation and maintenance to reduce the risk of breaches.
As the world continues to shift towards the digital age, terms such as Industry 4.0, IIoT, and smart manufacturing are no longer just buzzwords, but are modern solutions many industries are integrating into their operations. A 2021 McKinsey & Company survey indicates that 94% of respondents from global manufacturing companies were able to keep their operations running during the pandemic, attributing this achievement to Industry 4.0. More than half of them also said technologies had been crucial in responding to the situation.
With the rapid acceleration in the digitization of the supply chain predicated by the COVID-19 pandemic, recent studies show that we have vaulted five years forward in digital business adoption, with manufacturers actively developing plans for “lights out” factories and supply chains.
In the Philippines, whose goal is to rank 43rd in the World Intellectual Propery Organization’s Global Innovation Index (GII) this 2022, the Department of Trade and Industry (DTI) continues to roll out its plans for Industry 4.0. Its plans include creating more globally competitive and innovative industries as well as promoting an inclusive, sustainable and resilient industrial development by embracing and adopting Industry 4.0 technologies.
However, as the world continues to rapidly adapt to modern solutions, industries also open themselves to potential digital risks.
“As the demand for remote operations increases, more and more connected devices are coming online and in turn, an increased attack surface for potential cybersecurity issues. The divide between IT and OT starts to fade and with that, the rise in prominence of the IT function on the factory floor,” said Abraham Lim, Secure Power Director of Schneider Electric Philippines. “This places the CIO in an even more crucial role, especially when it comes to the criticality of maintaining secure operations. For Schneider Electric, the people, process, and procedures will always be integral in securing network environments, especially at the edge.”
The industrial edge enables resiliency
A main driver of resiliency in manufacturing environments has been through distributed IT environments, including edge data centers, to improve speed and lower latency with this increase in data from connected products. For industrial operators to reap the benefits of this digitization and automation, CIOs are deploying edge data centers in manufacturing settings to ensure they have the capacity to capture this incremental amount of data.
Local edge data centers are used to enable these connected endpoints on the network. As a distributed model that utilizes various IIoT devices and systems, computing, aggregation, and analysis occur at the physical site instead of being sent to a server sitting at a centralized site or onto the cloud.
“An IT edge environment in an industrial setting includes a plethora of distributed endpoints and, in turn, increases the attack surface for cyber criminals and hackers. A challenge of edge computing for CIOs is security and how to manage the increased risk,” said Lim.
Cybersecurity best practices for edge computing
Lim also delves into some of Schneider Electric’s best practices in maintaining cybersecurity at the edge: “Managing this risk requires the proper implementation of security best practices for devices, networks, and applications. IT decision makers with a distributed IT environment will need to implement a comprehensive cybersecurity approach focused around these four tactics—selection criteria, secure network design, device configuration, and operation and maintenance.”
By practicing these four tactics, users are able to establish a well-integrated system, develop and maintain secure systems and operations, configure devices to disable any unsecure protocols, and ultimately reduce vulnerability and risk of breaches.
Selection criteria: The Security Development Lifecycle (SDL) was developed to consider security and privacy concerns throughout the entire software development process. A properly integrated SDL process can reduce vulnerabilities and coding errors with the necessary mitigations to secure the application, device, and system, while, improving the reliability of the software and firmware. Another globally-accepted standard, IEC 62443, defines security standards developed by industrial control experts. This standard specifies process requirements for the secure development of products used in industrial automation and control systems as well as edge IT applications. It defines an SDL for the purpose of developing and maintaining secure products. This lifecycle includes security requirements definition, secure design, secure implementation, verification and validation, defect management, patch management and product end-of-life.
Secure network design: As edge computing evolves and grows, so will the need to design network security for the devices and systems running in the edge. Securing access to the edge should include only providing access to resources via encrypted tunnels such as VPN and the proper implementation of firewalls and access control systems. Other best practices categories for securing networks and the edge include a defense-in-depth methodology and network segmentation.
Device configuration: Before an embedded device or software-based system is used in an edge application, proper analysis should be done to understand how the system communicates and how the system functions within the use case that is required by the customer to operate at the edge. Best practices for device configuration include performing vulnerability assessments upon receipt of the device, verifying that the device can be configured to disable any unsecure protocols and finally, ensure all patches and updates for the device are current before final deployment.
Operation & maintenance to reduce the risk of breaches: While there may be specific best practices for particular applications, patch management, vulnerability management, and penetration testing are good practice categories that apply to operating and maintaining all edge applications.
Edge computing provides high-speed delivery of data for edge applications, essential for today’s business. It reduces network latency by providing the processing and delivery of needed information locally.
As the Philippines continues to shift towards 4.0 technologies and edge computing, with local enterprises and institutions perceiving the advance of technology as the second biggest economic opportunity up until 2025, it is vital for industries to be able to effectively navigate the new systems and mitigate the cyber risks.
“Edge security must maintain integrity, availability, and confidentiality to support and strengthen business needs and objectives,” said Lim. “Here at Schneider Electric, our highly innovative and well-connected digital solutions are the ideal partners in assuring industries that their operations run smoothly and are efficient, secure, and resilient.”
