What’s the biggest threat to the industrial internet of things (IIoT) space?
Lack of security control standards around IoT. Multiple operating systems and firmware types make it difficult to prescribe one single standard coverage strategy for most of these devices.
Basically the impact mostly depends on the type of industry, but I would assume device hijacking would definitely be a serious threat.
Inherently insecure OT networks: Complex and widely distributed architecture, limited OT visibility, and inadequate security controls gave attackers hundreds of possible entry points into companies' OT networks. As a result, small-scale attacks usually can go unnoticed despite aggregating substantial damage—and posing substantial risks to OT availability, safety, and reliability—over time.
A native industrial cyber attack has truly yet to happen. Most of the cyber attacks that have touched industrial environments have been IT-level attacks, like ransomware, or breaking in through enterprise remote access protocols. But for example, the world has yet to see a legitimate massive DNP3 attack, which is an industrial protocol, or a Modbus/TCP denial-of-service attack. When that starts to happen, it will be a game changer, because most security initiatives and products focus on protecting the IT side. The thinking is that those attack vectors are the only ones that will be relevant to the industrial side, but that is an incorrect way of looking at this space. That's an outside-in approach. If you look at it from the inside out, you’ll see that there are so many different attack surfaces on the inside of these networks, which is why native-level protection is important.
The challenge is that native-level protection is difficult. It requires an in-depth understanding of the network, protocols, devices and the settings of those devices. If you consider Stuxnet, the fanciest part of that attack, from the ICS perspective, was a settings change on the centrifuge controllers. That change took the target out of its normal range of operation in terms of a numerical value. There was nothing on the network that could prevent that numerical value from surpassing an acceptable threshold. And that led to physical damage.
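The kind of value-range check the answer above says was missing from the network, as an added example that is not part of the original post: a monitor that parses Modbus/TCP write requests and flags any register write outside an allowed range. The register address 0x0010, the 800 to 1200 limits and the sample frames are assumptions constructed for illustration.

```python
import struct

# Hypothetical policy (an assumption): holding register -> (min, max) raw value.
SETPOINT_LIMITS = {0x0010: (800, 1200)}

WRITE_SINGLE, WRITE_MULTIPLE = 0x06, 0x10

def parse_writes(frame: bytes):
    """Return [(register, value), ...] written by one Modbus/TCP request."""
    if len(frame) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    # The MBAP length field counts every byte that follows it.
    if proto != 0 or length != len(frame) - 6:
        raise ValueError("malformed MBAP header")
    func, body = frame[7], frame[8:]
    if func == WRITE_SINGLE:
        if len(body) != 4:
            raise ValueError("bad Write Single Register body")
        return [struct.unpack(">HH", body)]
    if func == WRITE_MULTIPLE:
        if len(body) < 5:
            raise ValueError("bad Write Multiple Registers body")
        start, qty, nbytes = struct.unpack(">HHB", body[:5])
        if nbytes != 2 * qty or len(body) != 5 + nbytes:
            raise ValueError("register count and byte count disagree")
        values = struct.unpack(f">{qty}H", body[5:])
        return [(start + i, v) for i, v in enumerate(values)]
    return []  # reads and other function codes change no setpoint

def check_frame(frame: bytes):
    """Return [(register, value, min, max), ...] for out-of-range writes."""
    out = []
    for reg, value in parse_writes(frame):
        if reg in SETPOINT_LIMITS:
            lo, hi = SETPOINT_LIMITS[reg]
            if not lo <= value <= hi:
                out.append((reg, value, lo, hi))
    return out

# Constructed sample requests (not captured traffic).
OK_FRAME = bytes.fromhex("0001000000060106001003E8")     # write 1000
BAD_FRAME = bytes.fromhex("0001000000060106001005DC")    # write 1500
MULTI_FRAME = bytes.fromhex("00020000000B0110000F000204000507D0")  # 5, 2000

if __name__ == "__main__":
    for name, f in [("ok", OK_FRAME), ("bad", BAD_FRAME), ("multi", MULTI_FRAME)]:
        print(name, check_frame(f))
```

The multi-register case matters because a write that starts at a neighbouring address can still cover the protected register, which a check keyed only on the request's start address would miss.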
Probably the mindset that they are not as exposed as they really are.