Kaspersky Lab Readies Industry Revolution 4.0

Date : 25-Jun-2019
Location: Kuala Lumpur

Key Take-Aways:
  • The term Industry 4.0 was first used at the Hanover Fair, as a reference to the latest industrial strategy which has been termed the fourth industrial revolution. According to the explanation by Ministry of International Trade and Industry Malaysia I have read months ago, Industry 4.0 is referred to as production of manufacturing based industries digitalization transformation, driven by connected technologies.
  • In 2018, Ministry of International Trade and Industry Malaysia launched INDUSTRY 4WRD, a national policy on Industry 4.0, to place policies and guidelines in place to ensure Malaysian manufacturing industry and its related services would be ready, to be smart, systematic and resilient. The policy has the overarching philosophy – A-C-T, Attract, Create and Transform.
  • One important area for improvement that I know if will be the human force. Malaysia has shortage of required talents, skills and knowledge for Industry 4.0, particularly in the areas of IoT, robotics and AI. The lack of talents in the fields of IoT is hypocritical for Malaysia Industry 4.0 especially in the areas of exposure to cyber threats.
  • The Ministry of Education Malaysia saying that cybersecurity must be introduced at the grassroot level, especially among the schoolchildren. The department of Polytechnic and Community College Education and Politeknik Mersing in Johor is also off to set up the Cyber Range Academy, which provides the students with an authentic learning environment in the threat landscape.
  • For companies to reach their Industry 4.0 goals, all components have to be protected.

  • Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, said that cybersecurity is among the main pillars of Industry 4.0 because as systems become more connected and automated, the exposure to potential cyberattacks increases.
  • Kaspersky Lab offers Industrial CyberSecurity (ICS), with the aim to protect companies from three main risks:
    1. Unintentional infection of an industrial network
      In theory, industrial information networks should not be connected to office networks, and should also not have direct access to the internet. However, sometimes without intending to cause any harm, staff will connect infected removable drives to industrial computers or access the internet to update software on the server, resulted malware manages to penetrate the network.
    2. Internal sabotage
      It is not unusual for people who are professionally versed in industrial systems to try and use that knowledge to trick their employer, which cause serious harm to the business.
    3. External sabotage - cyberwar, targeted actions that are intended to cause damage
      i.e Two years ago, a massive data breach saw more than 46 million mobile subscribers in Malaysia leaked on to the dark web.
  • To avoid being victims and ensuring a clearer path to achieving Industry 4.0, Kaspersky Lab recommends these:
    1. Regularly update operating systems, application software, and security solutions.
    2. Apply necessary security fixes and audit access control for ICS components in the enterprise’s industrial network and at its boundaries.
    3. Provide dedicated training and support for employees as well as partners and suppliers with access to your network.
    4. Restrict network traffic on ports and protocols used on edge routers and inside the organization's OT networks.
    5. Use ICS network traffic monitoring, analysis and detection solutions for better protection from attacks potentially threatening technological process and main enterprise assets.
    6. Deploy dedicated security solutions on ICS servers, workstations and HMIs, such as Kaspersky Industrial CyberSecurity. This solution includes network traffic monitoring, analysis and detection to secure OT and industrial infrastructure from both random malware infections and dedicated industrial threats.
    7. Form a dedicated security team for both IT and OT sectors.
    8. Equip these security teams with proper cybersecurity training as well as real-time and in-depth threat intelligence reports.
Editor's comments:
  • I agree with Kaspersky Lab on this, with the IR 4.0 revolution admists the A.I revolution, many processes will be pushed to the background and therefore neglected, this may in turned increase the potential of cybersecurity risks.
  • 98.5% of companies in Malaysia are SME and they are often 'stingy' when it comes to pre-emptive cybersecurity.
  • Kaspersky Lab needs to ready the SkyNet soon - they will be back !