© 2022 CyberNews - Latest tech news,
product reviews, and analyses.


Andrew Foster, IOTech: "most security attacks are carried out by staff who have internal network access"


With companies increasingly migrating to the cloud, securing the edge has become a core priority for most. But it’s not only the cloud edge that needs the attention of cybersecurity specialists.

IoT devices are also at the forefront of any system, especially when it comes to industrial businesses. What’s more, they often operate on open-edge software which, if not properly secured, is as vulnerable as that of the cloud. Without proper access control management and cybersecurity measures, having an insecure network of IoT devices can lead to very damaging cyberattacks.

To discuss the importance of securing and closely monitoring IoT networks, especially in the industrial field, Cybernews reached out to Andrew Foster, Product Director at IOTech, an edge software company that focuses on IoT network management and security.

How did IOTech originate? What has your journey been like since?

The company launched in April 2017 and was co-founded by Keith Steele, CEO, Andrew Foster, Product Director, and Steve Osselton, Engineering Director. The founding team was already very experienced and had been involved in commercial software product development for more than 25 years when they launched IOTech.

With a background in distributed real-time and embedded software technologies based on open architecture principles and also open standards, IOTech saw an opportunity to create a new generation of open edge software platforms that were needed to support the rapid growth of the Internet of Things (IoT) and edge computing, particularly in the industrial world.

IOTech is a founding member and major contributor to the Linux Foundation’s EdgeX Foundry project, which is a consortium of companies developing a state-of-the-art open-source edge platform. IOTech has built a successful business and employs more than 60 people worldwide. It supplies commercially licensed and supported versions of EdgeX. In addition, IOTech has also developed its own intellectual property in the form of complementary edge platform technology, OT connectivity, and an edge management solution. The company has a global reach with major customers across industrial markets, such as industrial automation, smart energy, building and venue management, and smart retail. IOTech’s worldwide presence includes development centers both in Europe and Taiwan.

You often stress that cloud and edge computing are key in business transformation. Can you tell us more about these technologies?

Over the last couple of decades, cloud computing has become increasingly important. It provides users with on-demand availability of computer system resources, especially data storage (cloud storage) and computing power, without organizations having to create and manage the infrastructure directly.

First-generation Industrial IoT (IIoT) systems made extensive use of cloud computing to store and process machine data. However, as the number of connected devices has significantly increased and the volume of data they produce has risen exponentially, the need for edge computing – which allows the data to be processed locally, reducing latency and data transmission costs while improving the security of sensitive data – has become equally as important. In fact, in most IIoT systems, cloud computing and edge computing are used together in a hybrid edge-to-cloud model. This ensures that users can leverage the best features of both paradigms. For example, using the edge for fast local decision making and data filtering/transformation and using the cloud for long-term storage and big data analytics.

What are the most common challenges that come up when securing the IoT?

With the advent of IoT, security challenges for organizations have increased significantly. Traditionally, industrial systems were deployed on local area networks with little to no access to the outside world. Cybersecurity threats were minimized by the physical network boundary of the local network.

As the use of cloud computing has increased, previous security threat calculations have changed. That’s not to say that having a local network boundary removes all security threats. In fact, even today most security attacks are carried out by staff who have internal network access.

To mitigate such threats, enforcing access control policies and limiting administrator access is critical. When additional connectivity enabled by internet access is introduced into a system, the threat surface becomes much broader, encompassing not just the cloud/IT parts of a system but also the operational environment.

Internet connectivity opens up the potential of malicious actors being potentially able to access the complete stack from the OT devices/equipment, the edge nodes/gateways/control systems to the backend cloud services. To mitigate against the exposure of new threats to the OT systems, security policy and implementation must encompass the use of modern secure OT device protocols (e.g. OPC UA), something that is much harder in brownfield deployments, where older communication technologies are still being used, which offer little in terms of security (e.g. Modbus).

How did the recent global events affect the IoT scene? Have you noticed any new security issues arise as a result?

With recent global events, reducing the threat from cyberattacks is very much at the forefront of our customers’ thoughts. The current geopolitical climate means the organizations that supply or operate critical IoT infrastructure are reviewing their security policies and assessing potential vulnerabilities in their systems.

One of the most recent notable cyberattacks on a strategic industrial system was the Colonial Pipeline ransomware attack. In this case, fraud was the motive – bad enough. However, possibly more worrying are attacks such as the SolarWinds attack, which was attributed to malicious hackers working for a foreign military intelligence agency. In the current climate, the threat of these types of attacks is likely to increase.

In your opinion, which industries should be especially attentive when it comes to securing their IoT devices?

Organizations need to be especially attentive when their “things” are easily accessible and securing them is hard. It’s important to be vigilant when crucial decisions are being made based on the data presented by sensors/devices that may be easily manipulated or spoofed.

What threats surrounding IoT do you find the most concerning at the moment?

In any system, generally, the biggest security threat is in the weakest link in the system. Remote sensors/devices and third-party systems are often the weakest links today. Take a look at the Target HVAC hack or the casino fish tank hack as examples.

With so many connected devices nowadays, what cybersecurity measures do you think are essential for everyone to keep their devices safe?

More anomaly detection of data and activity at the sensor/device level is an essential measure. Also, perhaps at the edge gateway level to stop intrusions, denial of service, and other security threats.

What technology do you hope to see become commonplace in the near future?

Digital twin technology holds the promise of providing edge-to-cloud virtual representations that allow easier/better consumption of edge solutions and data. However, we need more standardization of these solutions so edge/IoT providers can build interoperable digital twin solutions and consuming companies can avoid vendor lock-in.

Would you like to share what’s next for IOTech?

IOTech will continue to invest heavily in new R&D and further develop our edge technologies. Our vision is to create the most comprehensive open edge software solution available.

We are focusing on reducing the time and complexity to build Industrial IoT systems at the edge and deploy them at scale. This means developing great tooling and allowing users to build their systems by configuring a standard set of services/components as much as possible, rather than extensive custom coding, particularly at the core edge infrastructure level. It also means being able to automate many of the steps required to onboard and manage new edge devices and the application workloads that run on them. This is particularly important as the number of devices in a system increases.


