The heterogeneity of devices and applications in the Internet of Things (IoT) poses a risk to security, because it increases vulnerability to hackers. Companies need to protect themselves against the new risks.
Infographics: IT security in the industry
When it comes to the IT security of connected machinery and equipment, Germany's decision-makers are fairly optimistic. Although 84 percent believe that the risk of cyber attacks will increase through the comprehensive networking and automation of value-creation processes, only one in ten decision-makers thinks a hacker attack against their own companies could cause grave damage, and only half of them have specific security concepts to protect against attacks.
Whitepaper on security in the Internet of Things
Where do the specific risks lie? And how can companies protect themselves – today and in the future? These very questions are answered in the new white paper, "Security in the Industrial Internet of Things", from Deutsche Telekom. Its most important finding: companies have to give up the notion that one-time security measures can provide 100-percent protection.
Evaluate risks holistically
Instead, companies should begin with a risk analysis, which goes beyond their own premises. After all, to achieve comprehensive networking and automation, networks and systems have to be at least partially opened to customers, suppliers and partners. The third-party network and cloud components required to transport and manage the data are just one example of the potential vulnerabilities.
Protect every layer
The results of the risk analysis provide an ideal foundation for the next step: developing an end-to-end security concept. We recommend the defense-in-depth concept here. In this approach, the IT architecture is divided into different layers and secured through appropriate means – for the user device or machine itself, issuing appropriate guidelines and raising employee awareness. Companies that succeed in improving employee awareness increase security in the Internet of Things. The result is a multi-level security concept: even if an attacker manages to overcome the barriers to one layer, he merely faces the next closed door.
Security by design
Wherever possible, security management should begin at an even earlier stage. After all, many devices, equipment, systems and network components do not always have optimal protection against attacks by default. That's why it's important for companies to choose suppliers that have integrated security aspects in their products from the earliest development stages. Security by design is essential to achieving security in the Internet of Things. The same measure applies to sourcing connectivity and cloud services. Reliable suppliers like Deutsche Telekom commission regular external audits and certifications of their extremely high level of security. After all, security must be constantly reviewed and enhanced in order to maintain the highest possible level of protection.