Cybersecurity Best Practices at the Network Edge
By John Fryer
As companies race to adopt Industrial Internet of Things (IIoT) technologies, many are exploring edge computing, in which data from IIoT devices is processed on-site, rather than in the cloud. The added processing speed of edge computing allows businesses to analyze data and make critical decisions in real-time, drastically improving operational efficiencies.
Simultaneously, however, introducing these new devices and touchpoints also introduces new security considerations. Adding devices previously located within the network to remote locations means businesses must protect new endpoints from external threats.
While every business must explore its unique technical infrastructure and security needs, the following best practices are emerging to improve IIoT network security with edge computing.
Establish Responsibility for Equipment Security
One of the most challenging aspects of modern cybersecurity is the increasingly blurry distinction between Informational Technology (IT) and Operational Technology (OT). Traditionally, production equipment was the responsibility of OT, while network equipment was under IT jurisdiction. Both organizations have a claim to IIoT and edge computing devices, which reside at the edge but connect to centralized networks. IT-OT convergence is best practice for any IIoT strategy. It is also essential for security.
Businesses must ensure alignment and collaboration between IT and OT teams on their various responsibilities for securing the network. When possible, IT and OT teams should also understand each other’s corresponding functions and be capable of addressing any potential catastrophic events.
Conduct a Holistic Security Audit
To protect their operations from ransomware, endpoint manipulation, and other malicious security threats, companies must first understand their vulnerabilities. The first step in improving network security is thoroughly mapping computing infrastructure to identify all potential threats.
Security teams should create an inventory of all assets, identify points of weakness, and build remediation plans for securing the network in the event of a breach. Contracting an external security auditor can also help organizations view their assets with an outside perspective. Security audits should always incorporate both IT and OT Teams. Similarly, effective remediation plans must establish the different roles of IT and OT in protecting company assets.
Choose Security-Aware Solutions
By nature, IIoT and edge computing hardware faces different security challenges than traditional technologies. Traditionally, security has not been a priority for teams purchasing operational equipment, as operational environments rarely used to pose a potential threat to company-wide networks.
Production teams are focused on minimizing downtime and maximizing operational value. As such, they have a reliable set of priorities for hardware: simplicity, affordability, and where possible, autonomy. But the proliferation of IIoT devices and other increasingly intelligent operational equipment that are communicating with the network, make edge equipment a new frontier in the broader cybersecurity battle.
Fortunately, hardware manufacturers are finding ways to prioritize security without sacrificing operational simplicity. ‘Self-protecting’ edge computing and IIoT devices can autonomously identify data anomalies that might signal a cyber-attack or component malfunction. These devices have modernized to reflect the increasing importance of edge security without introducing too much complexity for production teams. With self-protecting hardware, operational teams can ensure security at the edge without sacrificing their ability to keep critical equipment up and running.
As companies explore the value of edge computing and increase the intelligence and efficiency of their industrial operations, they must be wary of potential security vulnerabilities. Developing a comprehensive cybersecurity plan requires full consideration of a company’s computing infrastructure, clear division of security responsibilities, and self-protecting hardware. To maximize value of IIoT and edge computing projects, organizations must first ensure they are fully protected.