IOT AND IIOT
THREAT OR OPPORTUNITY?
Verify · Optimize · Certify
ÜBER UNSER UNTERNEHMEN
TÜV Austria – founded 1872
TÜV TRUST IT provides:
● Certification services in the area of
information security and privacy
● Over 40 IT security experts
● Long-standing experience
● Extended industry segment know-
IT SECURITY OF
IT SECURITY IN THE INDUSTRY
History repeats itself
✔IT security of some industrial components (SPS) equates with the level of security of IT
system 20 years ago.
✔This allows the same attacks like on IT systems 20 years ago.
✔An industrial component needs the same amount of
protection as a standard IT component e.g. a PC.
✔The presumption that OT is completely different than IT
in the area of cyber security is false.
✔One example are Siemens SPS.
✔Siemens provides all known vulnerabilities on their CERT Internet page.
✔As an example in September 2019: 7 vulnerabilities disclosed
✔It shows that the provided vulnerabilities are not really specific to
the industrial sector but can also be found in
„normal“ IT systems like servers and clients.
✔TÜV AUSTRIA published a Whitepaper
called „IoT im Smart Home“
✔It describes new attack scenarios using
side channel attacks
✔The use against IIoT and I4.0 is more likely
than in a smart home environment
✔Right now, there are no easy and cheap
✔Countermeasures against sophisticate attacks can only work if the defense are informed.
This means the access to information, which are displayed in a SIEM like Splunk.
• Cybersecurity is getting more and more important.
• Each involved party needs to think about security.
> Product developers
> Product integrators
> Administrators of the products
> User of the products
• Unfortunately, IoT and IIoT devices and cybersecurity is both; a threat and an
opportunity. We all will benefit from the integration of devices but also this new
integration can cause us harm.
• The key to success is the visibility of information and problems in the network to protect
Your individual contact:
Telephone +49 (0)151 41436773 | firstname.lastname@example.org