Cyber Security Threats in Industrial IoT
By promoting DE/DX in the industrial world, it is expected that the on-site situation will be visualized, productivity will be improved, profits will be increased, and AI will be introduced to help alleviate the labor shortage of skilled workers in the field. On the other hand, as control systems begin to connect to the outside world, a new problem “Cybersecurity” arises.
However, the configuration of control systems and the degree of conversion to DX differ greatly from company to company, and in factories and plants, priority is given to stable continuation of operations, and for example, it is difficult to apply security patches, and normal information security measures are difficult on Industrial area. Security is required in the industrial and manufacturing fields in line with the DX era.
Toshiba’s Cyber Security Concept
Cyber resilience
“Ability”to “prepare” for incidents, “minimize impact” , “recover quickly” and continue business.
Security lifetime protection
for sustainable cyber resilience
Information systems have an information security management system stipulated by ISO/IEC. In there, a certification system is in place, and the organization is required to continuously rotate the PDCA cycle of “understanding the current situation → prevention → detection → countermeasures”. “Security Lifetime Protection” was formulated uniquely by Toshiba to apply this concept to IoT systems in the industrial domain, including control systems such as industrial and social infrastructure.
By maintaining consistency between system characteristics and security requirements, not only “defense” but also “operation monitoring/predictive detection → incident response/recovery → evaluation/verification” Continuously enhance system security. This leads to early detection of abnormalities and minimization of damage.
In addition to developing secure technology, Toshiba aims to realize a secure industrial value network by working with customers and partners toward standardization.
ISO:International Organization for Standardization
IEC:International Electrotechnical Commission
SOC:Security Operation Center
SIRT:Security Incident Response Team