Cyber physical systems are the core concept advocated by the German government for building smart factories to bring about the fourth industrial revolution, or ‘Industry 4.0.’ The interconnected, online nature of Industry 4.0 brings with it a host of operational challenges and cyber-resilience threats.
Defined security programs and comprehensive planning that considers security and safety are rarely in place, while employees with security responsibilities tend to suffer from undefined roles.
This is largely because cybersecurity has a reputation for being something less than a board-level topic. The debate around technological transformation largely focuses on increased functionality and profits, with cybersecurity falling into a poor second place – unless of course an attack occurs.
A typical example is the ongoing migration of companies towards cloud-based computing solutions, which generally offer the benefits of cost-effective accessibility.
However, during such a transition security should be prioritised as much as cost savings are. This is particularly true for organisations choosing public cloud services, which can potentially risk exposing their most crucial data.
The number of online-interconnected devices making up the ‘Internet of Things (IoT)’ is currently estimated to number somewhere between 26 and 75 billion. This generates over 2.5 quintillion bytes of data at a rapid pace of change that makes cyber-attacks an inevitability.
Finding the right skills
A lack of sufficient information and security expertise is a major barrier to adopting Industry 4.0, and the challenge for leaders is to foster and align IT security awareness across their organisation.
In addition those involved in the deployment of new solutions often understand IT, or Operational Technology (OT) hardware and software, but rarely both.
Security specialists working in these areas should have the ability to monitor, prevent and detect anomalies, and understand the full range of Industry 4.0 solutions.
The ‘smart manufacturing’ that comes with Industry 4.0 demands new skill levels, including capabilities in network security, embedded systems and IT and OT security awareness. It is becoming increasingly difficult to find qualified specialists who encompass all of the above.
With the introduction of Industry 4.0, integrating devices platforms and frameworks to existing systems raises the issue of interoperability.
Securing interconnectivity between diverse devices can be even more problematic when old technology is long past its support date. This makes the implementation of secure solutions that enable a smooth integration, such as gateways that transparently communicate with different networks, a vital part of any new protocols.
A strategy for the future
The weakest link in the chain can have detrimental effects for an entire organisation. To address this always:
- Use frameworks that promote a common security language and feature protocols for Industry 4.0 components
- Identify specific security levels between cooperating partners and companies across a supply chain that cover the essential three cybersecurity components: People, processes and technologies
- Conduct rigorous, transparent, and replicable testing of all new tools and technologies before they are introduced
These points of course represent only an introduction to the key issues surrounding Industry 4.0.
If the UK is to excel in the current uncertain environment being driven by the COVID-19 pandemic, there is an urgent need for organisations to address their digital transformation plans.
Ideally actions should be steered by a strategy which addresses key cybersecurity components and ensures that risk is appropriately managed at every stage of the process.
Find out more about the University of Gloucestershire’s Business and Partnership capabilities could help your organisation HERE.