I can recall from a dusty history lesson back in my school days that there was period of technological advancement known as the industrial revolution. Powered by water, steam and new methods of mechanisation and overseen by cigar smoking Victorian men sporting stove pipe hats, this period transformed our green and pleasant land to one littered with mills, factories and ports. It came as something of a surprise to me that this revolution has had a number of sequels. In fact we are now approaching the forth industrial revolution and within it cyber security has a major role to play.
This fourth revolution, or Industry 4.0 as it is also called, follows on from Industry 1.0, The original industrial revolution, Industry 2.0 : Mass production, assembly lines and electricity and Industry 3.0, where most of us are today, which involves computers and automation. Industry 4.0 will take us into tomorrow where a complex value chain of businesses will operate by bringing together cyber-physical systems, the Internet Of Things (IoT) and the Internet Of Services. Some of this can already be seen in action if you were to look under the hood of Amazon, who blend the sale and delivery of physical items through a complex, yet highly effective, system of stock control and availability through to swift efficient delivery and customer fulfilment. More and more companies will start to operate like this in the future, however in order to do so will need to ensure that any technical vulnerabilities in their systems are not exploited by cyber criminals.
The website, themanufacturer.com, discussed the role of cyber security in this dawning of Industry 4.0, and how as manufacturers adopt new technology standards and look to converge traditional boundaries between IT and operational technology (OT) systems, industrial automation and control systems are exposed to new threats. This is a posh way of saying that when you stick things together that were not originally designed to stick together, there might be a few cracks! To mitigate the vulnerabilities, the advice is to address cyber security from a cultural basis. This is not dissimilar to processes, such as total quality, or just in time manufacturing, or build to order that all came with significant changes to work based culture. The upbeat tone of this article was refreshing and stated that although cybercrime is a significant and serious risk for all types of businesses, it’s not an inhibitor. In fact, by adopting an integrated, holistic approach to security, companies can remain secure as they move into this next phase of industry.
Elements of this holistic approach to cyber security were echoed recently by Fortune magazine, who pointed out that there is no silver bullet for cybersecurity. There was a feeling from the experts that they quoted that complying with regulations can divert resources that would be better spent actually bolstering security and that sometimes it is better to isolate and reduce many smaller cyber threats across a business’s operations, as opposed to trying to build one big all-encompassing cyber defence system. The little by little approach, the hare and the tortoise metaphor can all come into play here. Try to reduce the hysteria over what may or may not happen and take an integrated and pragmatic approach. As Fortune stated “You want perfect cybersecurity? Dream on…”, it’s going to be a continual process of evolution.
If the thought of living with cybersecurity ad infinitum generates a sigh of despair, don’t worry, our business predecessors in previous iterations of industrial revolution felt the same about advances in technology, be that electricity or even the desktop computer. These advances were originally, I’m sure, treated with skepticism but eventually embedded themselves into ‘business as normal’. Cybersecurity is the same and if you’d like evidence of that then take a look at the NATO website. They have published a timeline on how they have been addressing cybersecurity attacks since 1988. From ‘The Morris worm’ though to state sponsored attacks, they have been in the front line of this ‘new’ threat. Perhaps that means that they are now firmly in Industry 4.0, or are they even further ahead, Industry 4.5 perhaps?
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.