3 Must Do Steps to keep your business secure in the IoT world
Just like Artificial Intelligence (AI), Machine Learning, Big Data in the exciting world of digital transformation (my last blog) – Internet of things (IoT) is creating incredible business opportunities by increasing productivity of employees, decreasing downtime and providing real-time visibility. The right 3rd party independent digital transformation partner will first understand your end to end business needs, review your existing network, and everything connected to it before you march to develop more apps, connect them to new devices and advice you properly via a 3 step process (below) to secure it.
The introduction of advanced technologies such as the Smart City, Smart building, Retail, Industrial, Health monitoring devices etc., in this ever growing world of Internet of Things (IoT) has created new challenges for business owners which is challenging the Information Technology (IT) professionals. What were once one dimensional systems with applications, intranet, hosted servers managed and maintained by IT staff, are now connected by an IT network to an enterprise system and needs access to the internet to access them remotely. Securing these new cyber-physical systems should be a priority for business decision makers as they begin their digital transformation, but leaders often underestimate the importance of cybersecurity (read my recent article on this topic on some personal examples I encountered last few months). It is believed the risk of attack is low, and thus overlook securing cyber-physical systems.
Quick glance of a couple of telco’s in North America results in rise in security solutions and focus with uptake of IoT which is comforting and atleast gives the decision makers some options.
At the same time I found these stats from a recent article I read. PLANT Magazine’s 2017 Outlook report revealed that 17% of Canadian manufacturers have not taken any steps to defend against cyberattacks. In addition, when you consider that 78% rated their concern of a cyberattack affecting them as ‘low’ or ‘medium,’ why would they? Clearly, the businesses believes other organizations are much more suitable targets.
Another study by a leading global OEM manufacturer, released in January, showed that Canadian organizations rank second-to-last in security capability maturity. Nearly half (48%) of our businesses have ‘low’ or ‘lower-middle’ maturity. Across all industries, our organizations are not nearly prepared to deal with dynamic cybersecurity threats.
Any threat to those applications – be they due to cyberattack, poor maintenance or otherwise – must be addressed and mitigated. And for the record, businesses have been, and will continue to be, the target of cyberattacks. That will not change.
The good news for Canadian businesses is that securing their operations does not need to be complicated. In fact, when done right keeping a business operations secure in the IoT era can be as simple 3 steps:
Plan, Evaluate, Deploy.
The first step in building that framework is to ask specific questions about their physical and cybersecurity capabilities. For example, IT leaders could start with the following tips:
Centralized control of network security?
Process and have we outlined who has access to which devices?
Plan, rank, and prioritize most critical assets?
By understanding capabilities and potential gaps in security processes, technologies and practices, business can better understand what cybersecurity solutions they require.
I get asked this question – is there a silver bullet to cybersecurity for business like Norton Virus etc., Are there trusted partners who can help. These partners can review the organization’s current infrastructure and make recommendations to help achieve its security goals. Many technology and cybersecurity vendors provide these reviews, often called security assessments. My advice is to evaluate the assessments offered by several vendors, then decide which has the right combination of security expertise, best-in-class products and industry knowledge for your organization.
It is vital that, prior to implementing a new cybersecurity solution, business with their selected vendor to build a security strategy and plan. This plan should include both cybersecurity and technology elements – such as whether to leverage virtualization to back up important systems – as well as physical security processes and best practices. Most important, a plan provides a roadmap for businesses and vendors to follow to ensure projects have measureable goals, outline expected Return on Investment (ROI) and stay on time and budget.
For Canadian businesses who aren’t ready for the process above, there are other ways to keep their business secure.
Some steps are:
Password management on IoT-enabled devices.
Change control process.
Use recommended secure settings.
When it comes to cybersecurity, doing nothing is no longer an option for Canadian manufacturers. The convergence of IT and operational networks through the IoT has highlighted these risks. Although stopping all attacks may not be possible, business can minimize both the risk and the impact of these threats by working with a trusted 3rd party independent partner who can evaluate their current systems.
Digital Transformation Enthusiast, Entrepreneur, Projects
Visit us at www.markitech.ca; or send me an email at firstname.lastname@example.org for further discussions on your IoT & digital transformation needs.