The need to patch devices from different manufacturers also reduces the ability to service them comprehensively, Oswal says. “The systems are not designed to be updated frequently,” he says. “You often have to wait many weeks, even months, before there’s a real service window where all these OT and IIoT devices can be patched.”
IT manager for South Coast Water District, patches for IIoT systems lag behind those for other enterprise systems. “In IIoT systems, especially in the infrastructure utility world, the patch rate is typically lower than in enterprise systems,” he says. “Patches for IIoT systems in the utility industry are typically several versions behind the current system (months, sometimes years). Upgrades occur after IIoT vendors certify (allow) upgrades to a certain level or version.”
While unpatched systems increase cybersecurity risk, they can be “tolerable,” Black says. He recommends protecting them as needed, without causing harm or damage to production systems. “System uptime belarus mobile database reliability are typically the top priority, but you want to make sure you have the best security possible,” Black says.
Network operators can’t afford to take IIoT smart sensors offline to patch and update them, because they need to be running 24/7. “We’re certainly familiar with this,” says Black. “Most systems have multiple cybersecurity measures in place—we’re talking about multiple layers of protection. Patching is just one layer. Depending on the situation, patching is often the fourth or fifth layer of protection.”