How to Keep Networks Secure in an IIoT World [Interview]


At the start of this year, I predicted that for myself and many others the Internet of Things (IoT) would have a significant impact on business and how we provide as well as consume solutions in the future. No matter if you are talking about consumer space, retail, enterprise, or other industries, IoT will cause some ripples and enable a leap even for technology partners.

A sub-category of IoT is IIoT, which stands for Industrial Internet of Things. This clearly outlines a technology stack with a focus on commercial solutions, and it excludes any sorts of Alexa-enabled devices and the likes.

Looking back at my tweet from January, I said that enablers for this to happen smoothly is 5G and InfoSec. While I don’t need to educate you about how 5G is not just another “G”, today we focus on security. For that, I had the honor to do an interview with my dear cousin, Benjamin Isak, who happens to work in this particular field. He is employed as an account manager for Industry 4.0 and IIoT at NCP Engineering.

Interview with Benjamin Isak, Industry 4.0 and IIoT expert

CI: Hi, Ben, and thanks for taking the time to talk with us today. Ice-breaker question! How would you explain your work to a 5-year old?

BI: Thank you, Chris, it’s my pleasure to be interviewed by you. As you may know, I’m a long-time reader of TechAcute. Haha to a 5-year-old… ok, nothing easier than this! (smiles) I help companies to protect themselves from bad guys, by giving them the right tools to prevent break-ins or damage. At the same time, we optimize the way production works with simultaneous improvement of how machines and people work together safely.

CI: Tech-focused people of today live in a post-cloud-trend era and talk a lot about edge computing. Do you think edge-computing was an organic part of the cloud evolution in the industry? When is centralized computing important and when is decentralized computing having an advantage?

BI: Not a question of centralized or decentralized, moreover it depends in terms of performance, à latency and/or security aspects, which data should and/or could be transferred to an external system. Alternatively, even within the company itself. Regarding edge-computing, it’s clearly a thing of latency concerns. If you need information or results as quick as possible, edge is the way to go and one is free to combine edge- and cloud-computing, e.g., when it comes to further processing of summarized results.

As a matter of fact, there are a lot of differences between SMB and big enterprises and of course, depends on the particular industry.

CI: At NCP Engineering you have exciting solutions to secure the IIoT from bad actors. How does the technology behind the service work exactly? Do you have some examples for us?

BI: As so often, it depends. It ranges from highly secure encrypted and feature-flexible secure communications via IPsec VPN, management of machine identities, security certificates, network access control, or even remote maintenance.

Especially in IIoT, encryption is not everything. Of course, it’s always included, but the real innovation is the arbitrary granular data exchange from any machine/sensor/actuator to any system and/or external partner is as much or even more important. This convergence of heterogeneous data of all physical machines, robots, and sensors, is crucial and can only be adequately handled with a powerful, as I call it, “OTSM.”

Wondering what the acronym stands for? You may ask (smiles) …it’s “operational technology secure middleware.” It optimizes all communication within production and forms a robust bridge between OT and IT, is highly secure, connects even external partners and systems across company boundaries, along the entire supply chain, if needed.

NCP Engineering Secure Communications Presentation Drawing Examples Clients IT Level Process Map OT Servers IIoT

CI: When managing IT infrastructure every vendor and every product family seems to come with its own management system. Does NCP offer a sort of central management solution that acts vendor-agnostic? Just how do you keep track of all the devices across IIoT islands and brownfields?

BI: Yes, one can handle that with our Secure Enterprise Management (SEM). For example, one can check compliance with security policies, e.g., Network Access Control (NAC), rollout and manage remote access software, configure updates as well as licenses or certificates and automate all your steps within our integrated scripting engine. If you want to know more, have a look right here.

CI: What do you think of 5G? Is that likely going to disrupt your business? Do you see more enablers or more security concerns when shifting up to the next generation of cellular network technology?

BI: I’m not an expert for 5G, but regarding performance, data-throughput, 5G is awesome. Especially in production environments. When it comes to wireless sensor-connections within machines. This creates the prerequisite for real-time data analysis and adaptive control of manufacturing processes with short reaction times.

Things like that will not disrupt my business, but on the contrary even improve it, as it’ll be possible to process heterogeneous data from different sources in a timely synchronous manner, which elevates an OTSM to the next level.

CI: Did you ever get an emergency call from a company who got hit by a cyberattack and wanted your immediate help to recover from the same? Alternatively, are your clients mostly planning ahead for their cybersecurity and don’t really go into panic-mode?

BI: No, we have no cybersecurity response team or something like that. Our customers prevent those things from happening proactively with our solutions. That is not our business model.

CI: Do you think there should be more laws and regulations enforcing companies to make use of certain security standards to support their information security and technology? What should be the security minimum for a company from your point of view?

BI: Hmm… that’s not really my topic. I am more oriented in the best liberal sense and no friend of more laws and/or regulations. I think that manufacturing companies are doing OK with BSI Grundschutz as a solid base. Then one can build on it.

CI: Looking back through your track records, what was your favorite project at NCP Engineering until now? And why?

BI: I have to go with what I’m currently working and advocating on, the OTSM product vision, which I mentioned earlier within my answer for Q3. OTSM describes a system, which sources, aggregates, filters, secures and routes any data/information from any heterogeneous systems from shop floor to top floor and above like cloud and/or any party outside the own company if needed. With OTSM it’s ensured that only the needed data is sent to exactly the system(s) to which they are supposed to.

Some of the great benefits are:

  • Automation of business processes (optimization)
  • Elimination of interfaces and data redundancies
  • End-to-end transparency
  • Simplification of configuration and integration of machines
  • Better service to internal and external stakeholders
  • Improvement of productivity

and many more…

CI: Thanks so much for your answers today! Is there perhaps anything else that you would like to share with our readers?
BI: We’re currently looking for a pilot- and/or strategic partner for our OTSM Vision, who wants to innovate with us and level up their Industrie4.0 / IIoT engagement. So anyone, who wants to know more, can contact me anytime via my email à: Thank you so much for having me. It was fun!

I hope that you’ve enjoyed the interview as a reader as much as I did asking the questions. What would you have asked if you were in my seat? Do you have anything to share with us, or would you like to add your thoughts? Feel invited to drop us a comment below. We’d love to hear from you.

YouTube: Secure Communications for Company IT and Industrial Internet of Things

Photo credit: All materials have been provided by Benjamin Isak of NCP Engineering with permission to use them in this article.
Editorial notice: Parts of the interview have been condensed and changed for clarity. No facts were altered.

Was this post helpful?

Christopher Isak
Christopher Isak
Hi there and thanks for reading my article! I'm Chris the founder of TechAcute. I write about technology news and share experiences from my life in the enterprise world. Drop by on Twitter and say 'hi' sometime. ;)
- Advertisment -
- Advertisment -
- Advertisment -
- Advertisment -
- Advertisment -
- Advertisment -