Industrial Cloud Vulnerable to Cyberattacks

The cloud and edge computing have come to the industrial world and they’re here to stay. Whether one thinks that’s a good or bad thing, it’s now inevitable.

These shifts have been accelerated by the enormous expansion in remote workers due to Covid-19 and their many unmanaged or insecurely managed devices, along with the connection of millions more imperfectly managed devices via the Industrial Internet of Things (IIoT).

While the expansion of cloud services can help solve some cybersecurity problems for industrial companies, including the vastly expanded attack surface caused by remote workers, it also spawns new security problems.

In multiple reports from different parts of the cybersecurity industry, data breaches continue to be the top concern in many industries, and flaws in identity and access management (IAM) practices continue to rate among the top avenues for those data breaches.

Despite these reports, and despite the fact that misconfigurations causing security gaps were exploited in two-thirds of attacks reported in a recent cloud security study by Sophos, only a quarter of organizations said a lack of staff expertise is a top concern. Some companies are just not connecting the dots.

More than half of employees working from home do so without new guidelines on how to handle customers’ personally identifiable information (PII), according to an IBM Security study. Yet the study found PII data is exposed in 80 percent of reported security incidents with the most costly consequences. For example, Pfizer reported a huge breach of highly confidential HIPAA-related customer data, stored in automated customer support software on a misconfigured Google Cloud storage bucket.

Our Special Project focuses on vulnerabilities in the industrial cloud, especially for companies with industrial control system (ICS) and operational technology (OT) concerns, and those connected to the IIoT. My introduction explores industrial cloud cybersecurity problems, the consequences for cybersecurity of the shift to cloud, what’s needed to protect the industrial cloud from cyberattacks, what’s currently being done to combat those threats, and what’s not being done yet but should be.

For the rest of this series, please go to EETimes.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Industrial Cloud Vulnerable to Cyberattacks

Author: Ann Thryft

Related posts

Leave a Reply Cancel reply