Was the need for security in the industrial internet of things (IIoT) underestimated?

305 views3 Comments

SVP, Chief Information Security Officer in Education, 5,001 - 10,000 employees
Early on in the IIoT space, none of the technologies underlying those devices had changed in 30 years. But the business opportunity turned out to be far more challenging than anybody foresaw at the outset. Back then I would deal with SCADA operators who would tell me, "I've been sitting here for 30 years clicking this button. I know that when I click this button, this happens over there, and that's all I care about. We don't get attacked. I don't care about security. Leave me alone." So how do you sell security to somebody with that mindset? It was challenging, but everything's changing. I see our federal government's involvement in critical infrastructure protection and cybersecurity reporting, which is wonderful. That forces people to do something as opposed to hiding behind the belief that if something isn’t broken, you shouldn’t touch it.
CIO in Services (non-Government), 201 - 500 employees
As someone who has a few US patents for inventing various devices and software, right at the very beginning of the IoT revolution, I can tell you that lack of security was exactly why I designed a new proprietary secure protocol for Wi-Fi!  At the time, all we had was the initial WEP standard and that was tragically insecure. 

We also wrote some network management software to manage our proprietary wireless access points, that allowed us to create the first wireless VLANS, and we also included as much security as we could at that point in time; we wrote custom MIBs (Management Information Base) for SNMP stats and control, because there were none available at the time.
VP of IT in Healthcare and Biotech, 10,001+ employees
Yes. All processes along the value chain and networking components need to be protected 

Content you might like

Strongly agree5%




Strongly disagree0%

Other (please specify)0%



Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks58%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls32%

Not planning to change endpoint security strategy10%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
41.1k views131 Upvotes319 Comments