
IIoT Cybersecurity: Minimizing Risk with the CIA Triad

Fluke Reliability

- Last Updated: February 21, 2025


Organizations have a growing need for data collection and analytics. As a result, many are adopting cutting-edge Industrial Internet of Things (IIoT) technologies, such as connected sensors and cloud-based software. IIoT joins hardware and software in a connected system, allowing remote monitoring, automated alerts, and integration with computers and mobile devices.

The adoption of IIoT supports innovative maintenance and reliability solutions, connecting with supervisory control and data acquisition (SCADA) systems and monitoring the condition of programmable logic controllers (PLCs) in real time. However, connecting manufacturing plants to the internet also exposes them to increased risks of cyberattacks.

Fluke Reliability recently surveyed 605 manufacturing maintenance managers and senior staff members to discover what barriers they faced in implementing artificial intelligence (AI) into their maintenance processes. 36% of survey respondents viewed cybersecurity threats as a barrier to adopting artificial intelligence. 

Similarly, almost 30% indicated a concern about security and privacy. Respondents also hesitated about integrating intelligent digital technologies into their manufacturing and industrial processes. 36% cited security and privacy concerns, and 34% reported cybersecurity threats as their main barrier to integration.

Manufacturers are right to be cautious. Cyberattacks are a genuine threat to organizations that are incorporating IIoT, AI, and other technology into their operations. However, the best way for manufacturers to get ahead of cybersecurity risks is to strengthen their IIoT systems against cyberattacks.

Here, we’ll discuss the most prevalent risks facing organizations today and the best strategies for mitigation.

How Cyberattacks Impact the Manufacturing Industry

In 2023, a quarter of cybersecurity attacks worldwide involved manufacturing companies. The financial setbacks of these attacks have also soared, with the average cost of industrial data breaches reaching $4.73 million in 2023.

Manufacturers should expect and prepare for phishing, data theft, and ransomware attacks. Malicious actors can steal credentials, expose sensitive data, and hold intellectual property for ransom. Cyberattacks can be so damaging that they force companies to halt operations entirely, adding costly downtime to the expenses of managing the attack itself.

Numerous recent examples show that no industry is immune from attacks. Cleaning products company Clorox experienced an attack in 2023 that cost an estimated $49 million that year, with additional costs in 2024 as the damage was repaired. Boating manufacturer Brunswick Corporation experienced an attack that cost up to $85 million in 2023 and caused a disastrous nine-day downtime. Semiconductor manufacturers, automotive manufacturers, and food companies have all experienced data breaches in the past two years.

Defend Against Cyberattacks with Regular Systems Maintenance and a CMMS

Hardening is a type of cyberattack protection that involves finding and eliminating system gaps hackers can use to seize control of a system and gain access to sensitive data. Cybersecurity vulnerability can be reduced by performing regular maintenance on SCADA, PLC, and computerized maintenance management systems (CMMS). It’s important to schedule system downtime for software updates and patches and to form response protocols and disaster recovery plans for when attacks occur.

Using a CMMS also enhances both the physical security and cybersecurity of your facility. A CMMS can document processes and the completion of tasks, such as inspecting the physical security of the facility, in conjunction with maintenance activities. A complete history of facility reviews, such as fire extinguisher and exit sign inspections, and of measures related to preventing unauthorized access goes a long way toward ensuring compliance.

Similarly, organizations can use a CMMS to not only simplify maintenance management but also to house key information, such as tutorials or SOPs for tasks throughout the company. It removes the need for employees to access multiple systems to find information and enhances cybersecurity by fusing asset management, employee education, and compliance into a single system. The CMMS offers a single source of truth that anyone with proper credentials can access.

Improve Cybersecurity With the CIA Triad

The CIA triad is a framework companies can use to guide their information security policies. Its three pillars are confidentiality, integrity, and availability. If one or more of these components is compromised, the risk of a cyberattack increases. Organizations often use this three-pronged model to build their cybersecurity foundations.

Adopting a risk-based approach to information security grounded in the CIA triad guides organizations when making critical decisions about cybersecurity. This approach helps determine which security components are most relevant for protecting specific data sets, such as sensor data.

Best Practices for CIA Triad Deployment

Each part of the CIA triad must be in place to ensure a robust cybersecurity framework. Here are steps organizations can take to implement each of the three parts.

Maintaining Data Confidentiality 

Maintaining data confidentiality ensures that private information is only available to vetted individuals. Only core personnel should have access to key data. To reduce the possibility of a cybersecurity breach, limit sensitive data entry points to as few people as possible. Scrutinize the people with access and only grant permissions to those who need them to do their jobs.

Organizations should also examine their data access levels for sensitive data that permits control over essential equipment, such as SCADA systems. They can categorize the importance of data by the damage that could result from its unauthorized release.

Human error is one of the primary causes of company data breaches. While limiting personnel access to key individuals is one component, regularly educating the workforce about the risk of security breaches is another way to defend against cybersecurity threats. When employees know how to spot potential phishing attempts, for example, it becomes less likely that they will accidentally click a link that allows malware into your systems to steal data.

An often overlooked cybersecurity risk for manufacturing companies comes through vendors in their supply chains. Third-party service providers may have access to information systems, software code, or sensitive information such as trade secrets. Part of maintaining data confidentiality includes ensuring vendors in the supply chain have their own cybersecurity measures in place and that their access doesn’t introduce vulnerabilities into your systems.

However, organizations must clearly understand their asset inventory before designing access controls to address confidentiality. All information assets, including IIoT sensors and gateways, should be tracked and assigned ownership to enable the organization to effectively apply secure policies and processes.

Ensuring Data Integrity

Ensuring data integrity is another cybersecurity best practice. It’s important for organizations to know their data is trustworthy, accurate, and unaltered. Data integrity refers to the validity and accuracy of the data throughout its lifecycle. A company’s operations department and ability to demonstrate regulatory compliance depend on reliable data.

According to Gartner, every year, bad data costs companies an average of $12.9 million. Bad data can lead to damaged relationships with customers, costly misjudgments, and other errors that cost companies millions of dollars.

Organizations should evaluate their level of data accuracy in their own systems, performing full audits if the data appears untrustworthy. It’s important to identify points of vulnerability and determine the required confidence level for maintenance records. If necessary, further protections like passwords or multi-factor authentication can be added. Add controls that prevent unauthorized users from making inaccurate changes or accidentally deleting data.

Maintaining Data Availability

Maintaining data availability ensures data is readily accessible to those who need it to make timely, data-driven decisions. On-demand data should include key performance indicators (KPIs) like uptime percentage. This information enables enterprise asset management (EAM) systems and other critical networks to continuously supply the necessary information.

Maintenance systems must also be protected from accidental or purposeful corruption. Organizations should follow preventive maintenance best practices for the IT infrastructure supporting their processes. Careful consideration should be given to the best timing for scheduling downtime to deploy patches that strengthen the system, reducing potential external entry points.

It is even more important to develop a robust cyber resiliency program to ensure business continuity if there is a security breach. Organizations should classify their data and assets according to criticality and design disaster recovery processes in accordance with business needs. The time it takes to recover a system, known as recovery time objective (RTO), is a key data point to consider when designing a disaster recovery process for critical assets and information. Organizations should also consider the amount of data that can be lost, known as recovery point objective (RPO), when designing a recovery plan.
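The ownership tracking and the RTO/RPO checks described above can be combined into one audit over the asset inventory. This is an added example, not code from Fluke Reliability; the tier names, RPO/RTO targets, asset names, owners, and timestamps are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed policy: RPO/RTO targets per criticality tier (assumed values).
POLICY = {
    "critical": {"rpo": timedelta(hours=1), "rto": timedelta(hours=4)},
    "high":     {"rpo": timedelta(hours=8), "rto": timedelta(hours=24)},
    "normal":   {"rpo": timedelta(hours=24), "rto": timedelta(hours=72)},
}

# Constructed inventory; asset names, owners and timestamps are illustrative.
INVENTORY = [
    {"asset": "scada-historian", "owner": "ot-team", "tier": "critical",
     "last_backup": "2025-02-21T09:30", "restore_drill_hours": 3.0},
    {"asset": "cmms-db", "owner": "maintenance", "tier": "high",
     "last_backup": "2025-02-20T22:00", "restore_drill_hours": 30.0},
    {"asset": "vibration-gateway-07", "owner": "", "tier": "normal",
     "last_backup": "2025-02-21T02:00", "restore_drill_hours": None},
    {"asset": "plc-config-repo", "owner": "controls", "tier": "critical",
     "last_backup": "2025-02-21T06:00", "restore_drill_hours": 2.0},
]

def audit(inventory, policy, now):
    """Return a sorted list of (asset, finding) tuples."""
    findings = []
    for rec in inventory:
        name = rec["asset"]
        if not rec.get("owner"):
            findings.append((name, "NO_OWNER"))
        target = policy.get(rec.get("tier"))
        if target is None:
            # Without a criticality tier there is no objective to test against.
            findings.append((name, "UNCLASSIFIED"))
            continue
        # RPO: data written since the last backup is what a restore would lose.
        backup = rec.get("last_backup")
        if backup is None or now - datetime.fromisoformat(backup) > target["rpo"]:
            findings.append((name, "RPO_BREACH"))
        # RTO: compare against the measured duration of the last restore drill.
        drill = rec.get("restore_drill_hours")
        if drill is None:
            findings.append((name, "RTO_UNTESTED"))
        elif timedelta(hours=drill) > target["rto"]:
            findings.append((name, "RTO_BREACH"))
    return sorted(findings)

if __name__ == "__main__":
    for asset, finding in audit(INVENTORY, POLICY, datetime(2025, 2, 21, 10, 0)):
        print(f"{asset}: {finding}")
```

An asset with no recorded restore drill is reported as untested rather than compliant, because an RTO that has never been measured cannot be assumed to hold.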

Implementing a successful cybersecurity plan begins with protecting the confidentiality, integrity, and availability of sensitive data. To achieve this, operations, maintenance, and IT teams must collaborate closely to address cybersecurity issues efficiently and effectively. Together, they should develop comprehensive IIoT and cybersecurity checklists that cover key aspects such as equipment, communication systems, protocols, environmental factors, and security concerns.
