With the glass industry’s continued implementation of new technologies and automation, the “internet of things” (IoT) is fully present in the sector. While this improved connectivity and ease of access to data has allowed businesses to be more productive than ever before, extra special care must now be taken from a cybersecurity standpoint.
John Cunningham, director of business and industrial IT at RoviSys, presented on the topic during the recent Glass Processing Automation Days in San Diego.
“Devices on the plant floor have become smarter,” he said. “And once these things are automated, they are being tied together.”
New technologies and processes connect all facets of the business—workers, operations, product supply chains and services—with one another. “What you end up with is the connected enterprise,” he said.
Demand for data is increasing, whether it is for product tracking, supply chain integration, shop floor operations/maintenance or basic analytics. Higher speeds of data and larger data volume are being achieved, which is a major positive.
This also results in significant cyber exposure.
“Unless you’ve been violated before, people don’t think about cybersecurity,” said Cunningham.
He said an “increased attack surface” has enlarged the threat of security breaches. “The bad guys can go after more stuff in your facility, because more stuff is connected,” he said.
Another cause for concern is the fact that many workers are bringing in and using their own devices, such as smartphones. By doing so, “you can inadvertently bring problems into your facility without knowing it,” said Cunningham. Additionally, more advanced threats, such as “headless worms” and “ghostware,” continue to evolve.
Businesses need to take a hard look at whether or not their cybersecurity is ready for the IoT. He advised doing the following:
-Use secure passwords;
-Make sure anti-virus programs are installed and up to date;
-Ensure security patches are up to date;
-Have strong security policies in place;
-Be sure personnel are educated and security-aware;
-Make sure firewalls are installed and configured;
-Ensure your network is properly segmented;
-Make available access control to only what is needed for the job; and
-Have in place application and user activity monitoring.
Cunningham said companies need to understand that IoT is happening now, and to address cybersecurity as an integral part of their plans.
He added that it’s important to have a “champion” of cybersecurity in the business.
“As an industry, as we automate more and integrate more, this is something we really need to pay attention to,” he said.