Close this search box.
Close this search box.

How Manufacturers can Mitigate the Security Risks of IoT

As manufacturers strive to improve their efficiencies and use of data through the Internet of Things, they could be further opening the door to security breaches. While organizations need not fear IoT, they need to proceed cautiously with robust security and monitoring systems as they put more Internet-enabled devices on their factory floors.

Manufacturers have long lagged behind the curve on cybersecurity. Not only do many have antiquated systems and weak security measures, but they also fail to do penetration testing to identify vulnerabilities.

According to Sikich’s 2016 Manufacturing Report, only a third of respondents said they conduct annual penetration testing on their IT infrastructure. Jim Wagner, partner-in-charge of the manufacturing and distribution practice at Sikich, said that manufacturers need to “do much more to protect their patents, designs and formulas, as well as their private company and employee information.”

The first big IoT security problem is “just around the corner.” And as these devices gain more adoption by consumers and enterprises, they’re going to create bigger security headaches for IT professionals, according to James Lyne, global head of security at Sophos. Lyne said we’re “building up to the moment” when hackers will start exploiting the devices en masse.

“IoT devices are coming in with security flaws which were out-of-date 10 years ago that you wouldn’t dream of seeing on a modern PC.

And they often can put a whole organization at risk. In 2014, for example, Target’s largest data breach was traced to an IoT hack through the HVAC system. And a mass global Internet outage in October 2016 was partly launched through Internet-enabled devices such as CCTV video cameras and digital video recorders.

“IoT devices are coming in with security flaws which were out-of-date 10 years ago that you wouldn’t dream of seeing on a modern PC,” said Lyne.

While some would say the benefits outweigh the risk, organizations should proceed cautiously and update their security protocols before deployment. Preston Futrell, an executive at NexDefense, suggested that manufacturers start with a strong emphasis on network security monitoring of industrial control systems (ICS).

Futrell said ICS network monitoring technology can reduce security risks in a number of ways. First, it offers real-time visibility into network communications. It also better enables the manufacturer to maintain an accurate inventory of dynamic devices and can mitigate malicious behavior earlier, reducing the impact of such attacks.

He added that such monitoring also can allow control engineers to identify poorly performing equipment and devices that are in the process of going offline. ICS monitoring can allow control engineers to quickly identify the source and intent of unusual activity to determine if it is human error or criminal activity.

“Manufacturers, no matter their mission or objectives, must be proactive and vigilant in safeguarding their ICS networks from the cyber risks introduced by maintaining a connected infrastructure. Networking monitoring is the best place to begin,” said Futrell.

Quentyn Taylor, director of information security at Canon, said manufacturers also need a solid incident response plan that shifts more focus from prevention to mitigation. He said organizations need to stop believing that “total defense is economically viable or even possible” and that they need also to have plans for how to deal with it when it happens. “Accept that you have been compromised and learn to deal with it. If we all accept that compromise is inevitable then the next step is having a response plan,” said Taylor.


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events


    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)


    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.