Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Going safely into the brave new world of 4IR

1 August 2019 Industrial (Industry), Information Security

The Fourth Industrial Revolution (4IR) is changing the world as we know it, and South Africa is pinning its growth ambitions on a 4IR-enabled economy. But 4IR adoption without putting cyber-safety first could undermine growth efforts and expand the risks to manufacturing, heavy industry and key infrastructure, warns GECI.

GECI, a specialist in industrial cybersecurity, says key infrastructure, manufacturing and heavy industry are potentially at greater cyber-risk than knowledge-based enterprises.

“Industries such as finance, telecoms, healthcare and retail are typically mature in terms of the digitisation journey, and usually have advanced and comprehensive cybersecurity measures in place,” says Mike Bergen, director of GECI International: Middle East and Africa. “In contrast, industrial and key infrastructure facilities are often running older operations technologies (OT) in siloes and not connected to the organisations’ IT systems.

“For years, they have been at limited risk of cyber-attack. However, as they digitise and start moving into a 4IR environment, these OTs will become connected to the Internet and integrated into the enterprise IT environment, quickly expanding their risk exposure.”

This risk is compounded by the fact that industrial sites tend to neglect basic information security measures in their existing environments. International OT cybersecurity solutions developer CyberX’s 2019 Global ICS & IIoT Risk Report found vulnerabilities and flaws in basic cybersecurity at industrial sites around the world:

* 53% of industrial sites used outdated Windows systems.

* 57% were not running anti-virus software that updated signatures automatically.

* 69% had passwords traversing the network in plain-text.

* The ‘air gap’ is a myth, as 40% of industrial sites had at least one direct connection to the Internet.

* 84% had at least one remotely accessible device.

* 16% of sites had at least one wireless access point.

Cyber criminals are already exploiting these vulnerabilities, costing companies millions in ransoms and other damages, Bergen says. “Research has found that virtually all industrial organisations have come under some form of cyber-attack in the past few years. These attacks range from malware and ransomware attacks to targeted attacks designed to sabotage operations or steal sensitive data.

“The losses caused by successful attacks extend from actual theft and ransoms, through to production downtime, safety risks, reputational damage and potential fines in the event of a failure to deliver critical services or due to sensitive information breaches.”

The more connected these organisations become, the greater their risk footprint. However, this does not mean the industrial sector should not advance into the 4IR. Bergen says: “Digitisation and technological progress helps overcome several common challenges in the industrial and manufacturing sectors – it improves throughput, efficiency and profitability, by achieving performance enhancement and resource efficiency through data acquisition and real-time analytics.

“Improved efficiencies help free up investment funds to support modern manufacturing innovation, rapid product iteration and customisation. Importantly, industrial safety can be enhanced by technologies such as better analytics and automation of dangerous tasks through robotics, cobotics and the digital workforce.”

He cites a McKinsey September 2018 white paper, which found “manufacturing digitisation could boost heavy industry profit margins by three to five points”.

Says Bergen: “Nobody can afford to ignore 4IR progress. But companies wishing to move into the 4IR have to build cybersecurity into their strategies and systems from the ground up in both IT and OT environments, to counter the growing cyber-risks facing them.”

GECI provides CyberX in South Africa. The CyberX solution delivers an industrial cybersecurity platform built by blue-team military cyber-experts with nation-state expertise defending critical infrastructure. CyberX delivers advanced OT asset discovery and visualisation, detects vulnerabilities and advanced known and unknown threats within seconds, prioritises and recommends actions to be taken to rectify vulnerabilities and threats, monitors continuously, providing alerts in real time, protecting critical IT and OT infrastructure against cyber-attacks, and automating Security Operations Centre (SOC) workflows.





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Schneider Electric appoints Steven Santini as VP
Power Management Industrial (Industry)
Schneider Electric has appointed Steven Santini as vice president of Secure Power for sub-Saharan Africa. The division acts as the architect of digital resilience, delivering intelligent operational technologies and ecosystems that safeguard critical infrastructure.

Read more...
NEC XON secures mobile provider’s hybrid identities
NEC XON Access Control & Identity Management Information Security Commercial (Industry)
For a leading South African telecommunications operator, identity protection has become a strategic priority as identity-centric attacks proliferate across the industry. The company faced mounting pressure to secure both human and non-human identities across complex hybrid environments.

Read more...
Rise in malicious insider threat reports
News & Events Information Security
Mimecast Study finds 46% of SA organisations report a rise in malicious insider threat reports over the past year: reveals disconnect between security awareness and technical controls as AI-powered attacks accelerate.

Read more...
New campaign exploiting Google Tasks notifications
News & Events Information Security
New phishing scheme abuses legitimate Google Tasks notifications to trick corporate users into revealing corporate login credentials, which can then be used to gain unauthorised access to company systems, steal data, or launch further attacks.

Read more...
What’s in store for PAM and IAM?
Access Control & Identity Management Information Security
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in the coming year, driven by evolving cybersecurity realities, hybridisation, AI, and more.

Read more...
The challenges of cybersecurity in access control
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security
SMART Security Solutions summarises the key points dealing with modern cyber risks facing access control systems, from Mercury Security’s white paper “Meeting the Challenges of Cybersecurity in Access Control: A Future-Ready Approach.”

Read more...
Securing your access hardware and software
SMART Security Solutions Technews Publishing RBH Access Technologies Access Control & Identity Management Information Security
Securing access control technology is critical for physical and digital security. Every interaction between readers, controllers, and host systems creates a potential attack point for those with nefarious intent.

Read more...
Phishing and social engineering are the most significant risks
News & Events Information Security
ESET Research found that phishing accounted for 45,7% of all detected cyberthreats in South Africa, with higher-quality deepfakes, signs of AI-generated phishing websites, and short-lived advertising campaigns designed to evade detection.

Read more...
Zero Trust access control
Technews Publishing SMART Security Solutions CASA Software NEC XON Editor's Choice Access Control & Identity Management Information Security
Zero Trust Architecture enforces the rule of ‘never trust, always verify’. It changes an organisation’s security posture by assuming that threats exist both inside and outside the perimeter, and it applies to information and physical security.

Read more...
OT calculator to align cyber investments with business goals
Industrial (Industry) Information Security Security Services & Risk Management
The OT Calculator has been developed specifically for industrial organisations to assess the potential costs of insufficient operational technology (OT) security. By offering detailed financial forecasts, the calculator empowers senior management to make well-informed decisions.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.