Kaspersky Lab specialists have contributed to the "Good Practices for Security of Internet of Things in the context of Smart Manufacturing" research to support the need for stringent IoT security standards. The report, developed by the European Network and Information Security Agency (ENISA), aims at enhancing IoT security within Industry 4.0 and Smart Manufacturing and was published in November 2018.
The concept of Industry 4.0 is widely applied in industrial strategy, paving the way for high automation, connectivity and deep integration of IoT into industrial systems. On the one hand, it can lead to improved operational efficiency, saving time and cost for industrial organizations. But on the other hand, adopting IoT brings potential risks to cyber security that can lead to big losses for them. While the issue is of great interest to those concerned, the awareness of the threats associated with the development of industrial IoT (IIoT) is still limited. The aim of the new research developed by ENISA is to raise awareness of this issue and to promote cooperation on IoT safety in the European Union.
During the preparation of the report, Kaspersky Lab experts participated in a workshop covering various aspects of industrial IoT and Industry 4.0 security. The team also participated in a series of interviews organized by ENISA with representatives of the invited organizations, during which they discussed the role of monitoring technologies, appropriate assessments of the specificities of Smart Manufacturing and the approaches that could be used to modeling threats. In the final report, ENISA identified core IoT classifications and definitions and consolidated information on good practices by harnessing Kaspersky Lab's know-how on issues related to industrial digital security.
Ekaterina Rudina, senior system analyst at Kaspersky Lab ICS CERT, said.
"In Kaspersky Lab we argue that companies are following a 'secured-by-design' approach when IoT comes into their own life, which will allow them to eliminate all threats from the beginning. When we created the report, we shared our suggestions on this idea with ENISA, based on our extensive experience. We are very pleased to see that many of these ideas have been reflected in the published research"
The new survey is a follow-up to the Baseline Security Recommendations for IoT, which includes policy measures for EU institutions, IoT hardware manufacturers and software developers, issued by ENISA in October 2017. Kaspersky Lab is a member of the IOT IOT Special Security Team (IoTSEC) and also participated in the creation of the previous report by providing expert recommendations.