The Internet of Things (IoT) can be a double-edged sword. It’s a fast-developing realm where promising industrial applications and opportunities are easy to imagine. Then again, such dreams are just as easily shattered. If done wrong, connecting IoT devices to an industrial control system (ICS) network can cause security nightmares. Let’s look at the state of ICS networks, what threats are introduced by IoT devices, and how to mitigate the risks and ensure a successful deployment.
Today, for the vast majority of ICS systems, the most effective security control in place is segmentation, for three good reasons. First, ICS networks are mission-critical to an organization, and many require 99.999% uptime (or five minutes of downtime a year). Stability is valued, so segmentation keeps the ICS network under control, without the risk of new devices appearing on it that are unknown to the operational technology (OT) team.
Second, ICS systems deal poorly with large numbers of network connections, even when those connections are not attacks. For example, when performing security assessments of ICS networks, port scanning is not used because it could overload many of the ICS systems on the network. Of course, that fragility is partly a by-product of vendors assuming their devices would sit on a segmented network in the first place.
The final reason is that in an ICS network, operations take priority over everything else, security included. Many standard cybersecurity best practices (active scanning being one example) can themselves disrupt operations. Network segmentation, however, is not seen as a threat to operations (it is, if anything, an enabler), so it is both effective and accepted as a security control.