The Risks of the IIoT to Business NetworksJuly 24, 2019 - by Matt Scott
Recently, one of our Practice Leaders of Digital Forensics, Matt Scott, was invited to do a podcast with Howard Panensky of Willis on the Industrial Internet of Things (IIoT). The podcast is part of a series, Timely Notice, produced by Goldberg Segalla. Take a listen.
An Introduction to the IIoT
The Internet of Things (or the IoT), essentially encompasses a lifestyle of connectivity. This could be anything from simply connecting to Wi-Fi, a home automation system, control devices or wearables. If we apply the same idea to an industrial environment, these devices now become the monitoring and controlling practice for manufacturing (i.e. the machines and operating systems). The introduction of IIoT, or the Industrial Internet of Things, within the manufacturing environment, strengthens the ability to customize controls, and collect and analyze data through a new layer of communication; and it’s all with the touch of a button. It creates a means for organizations to easily track processes, change production requirements, and ensure efficiencies all in real-time.
Exposures of the IIoT in Manufacturing Environments
In a day and age when machines talk to machines and real time data is accessible, risks are inherent and need to be fully understood, in order to protect the organization. In this new IIoT world, if an operating device is compromised, or introduces a new network security risk to exploit, it also means that the network and all associated devices are also compromised--no matter where that device is physically located.
The ability for a threat actor to exploit a vulnerability in the network could cause harm to employees, manufacturing equipment, quality of products, and potentially a number of other things. So, what’s the insurance marketplace’s response to IIoT? Risk has to be transferred but at what cost?
Hear the full discussion, from Timely Notice podcasts.
About the Author
Matt, Practice Leader, Digital Forensics, has nearly 20 years of experience, and provides consulting expertise to the insurance, legal, law enforcement, private, and public communities on computer/mobile forensics, cyber incidents and failure analysis. He investigates computer-related crimes, cyber incidents (breach investigations) and/or ransomware. He also has vast experience determining origin and cause of failures, and is highly proficient in multiple programming languages.