Addressing the threats to the IIoT, and by extension, anyone who is affected by the IIoT (and that would be basically, everyone) takes more than just a single technology solution. It’s a matter of architecture, as Ilan Barda, CEO of Radiflow, explained.
“Securing an IIoT environment requires knitting together a number of disparate technologies and their respective management teams,” he said. Radiflow makes Intrusion Detection Systems (IDSs) especially for the IIoT. “There’s been a traditional separation between IT and OT. Now, we have to close that gap.”
OT, or Operational Technology, was historically separate from IT. There were (and are) many good reasons for this division, including significant differences in the technology itself as well as divergent work cultures. “OT is about operations, about making things, providing services and making money,” Barda noted. “IT is about connecting everyone and delivering technology service quality.”
With the advent of low cost IIoT devices and the widespread adoption of Internet Protocol in previously isolated OT networks, IT and OT must come together for a common goal of security. The new union of IT and OT is partly political. It’s also partly technical. Of course, IT and OT systems must inter-operate for security to be viable. It’s mostly a matter of architecture, however.
This is a good start, but the placement and connection of industrial firewalls is not adequate on its own to provide robust IIoT security. To work, the architecture must include connectivity with other IT and OT control system as well as security incident response systems. The SOC has to be able to integrate a Radiflow IDS, or equivalent, into its alerting and incident response workflows.
Architected in this way, the IIoT security solution becomes a pervasive point of policy enforcement. An organization might establish a security policy of intrusion detection at the perimeter level of IIoT devices, but it will only work if the architecture supports its enforcement. Radiflow enables such an IIoT policy enforcement architecture to exist.