Deloitte and Palo Alto Networks collaborate to secure next-gen 5G and OT networks in Industry 4.0

In the era of Industry 4.0, manufacturing is undergoing a revolution due to automation, advanced robotics, and the Industrial Internet of Things (IIoT). The advancement in 5G technology is set to take this transformation to the next level by offering faster connectivity, higher bandwidth, and low latency and remodeling how manufacturing plants operate with the IIoT and operational technology (OT). However, with the benefits of 5G come security challenges that should be addressed to protect the data and equipment from malicious attacks. This blog will discuss the importance of 5G, IIoT, and OT security in manufacturing and the risks and threat attack vectors that need to be addressed.

In the manufacturing industry, 5G technology has become the new frontier. It enables manufacturers to implement real-time monitoring, predictive maintenance, and automation at scale. The combination of 5G and IIoT is a game changer in manufacturing, as it can provide effective connectivity between machines and devices, allowing for efficient production process management. As manufacturing plants become more connected, this increased connectivity can lead to more security risks. The importance of security cannot be overstated in the manufacturing industry. Cybercriminals can target many levels of the production process, from the sensors to the controllers, and use them to launch attacks. These attacks can take various forms, including ransomware, malware, command-and-control traffic, and denial-of-service attacks. The main threat vectors include outdated software, weak passwords, unsecured wireless connections, and human error for OT systems, such as human–machine interfaces, programmable logic controllers, remote terminal units, and engineering workstations. Security breaches can lead to equipment failure, data loss, and production downtime, which can have severe consequences for a company’s reputation and financial stability.

The convergence of 5G, IIoT, and OT calls for a Zero Trust security model that can help to mitigate the risks by treating each user and device as a potential threat and requiring authentication and authorization at each level of the production process. Additionally, the security posture should complement popular architectural frameworks, such as the Purdue Model, which provides a model for segmenting industrial control system networks from corporate enterprise networks and the internet. Such models highlight functional layers, components, interconnections, and interdependencies and how to segment the different levels of the production process, making it easier to identify security vulnerabilities and deploy security measures in industrial control systems.

Additionally, as part of Palo Alto Networks’ NextWave Partner Program, we have a new 5G proficiency to provide effective training curriculums, enablement assets, and post-sales support to help customers achieve the expected value in securing 5G deployments. And to tackle the security challenges in manufacturing, Palo Alto Networks, a leading cybersecurity 5G and OT security provider, is collaborating with Deloitte & Touche LLP, a leader in global systems integration with deep 5G experience. The alliance aims to provide a broad security solution that integrates 5G, IIoT, and OT connectivity with security. The security solution provided by this collaboration includes a true Zero Trust security model—for OT assets, 5G assets, OT networks, and remote operations across plants and remote sites with least-privilege access policies, built-in policy enforcement, continuous trust verification of communications, and continuous security inspection for threats—that fits manufacturing plant architecture, from partially air-gapped to fully cloud-connected environments.

As industrial automation and control system operators adapt and implement private enterprise Citizens Broadband Radio Service, LTE, 5G, and multi-access edge computing networks with IoT and OT assets, they should consider adopting a new approach to security. Process control environments need a strong security posture with granular visibility into 5G user-plane traffic. These environments also need real-time automated security enforcement at the 5G user level and 5G device level. Additionally, clear network visibility across OT, IT, and IoT devices and assets is necessary to stop cyber attackers from infiltrating networks, disrupting critical services, destroying industrial assets, and potentially threatening patron safety. Palo Alto Networks’ Zero Trust OT Security solution combines machine learning with our patented Device-ID, 5G equipment ID, App-ID™, User-ID technology, and crowdsourced telemetry to help quickly and accurately profile assets, apps, and users.

To learn more about Palo Alto Networks Zero Trust OT Security solution for 5G, OT networks, and remote operations, email cyber5gedge@deloitte.com and connect with Deloitte’s Cyber 5G, advanced connectivity and edge cybersecurity team. To connect with Palo Alto Networks’ 5G team, email 5Gsecurity@paloaltonetworks.com.

Get in touch

To learn more about the Palo Alto Networks and Deloitte Alliance, visit us at:
Deloitte and Palo Alto Networks Alliance | Deloitte US
Deloitte and Palo Alto Networks - Palo Alto Networks

Shehadi Dayekh, Ph. D Specialist Leader | US Cyber & Strategic Risk +1 (214) 770-6905 LinkedIn

This blog contains general information only, and Deloitte and Palo Alto are not, by means of this blog, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This blog is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional adviser. Deloitte and Palo Alto shall not be responsible for any loss sustained by any person who relies on this blog.

As used in this blog, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting.