What this book covers
Chapter 1, Addressing Cybersecurity in the Age of Industry 4.0, covers Industry 4.0, which is the digital transformation that the manufacturing and production industries are going through in the connected world we live in today. However, there are a number of cybersecurity challenges associated with it, and they need immediate attention.
Chapter 2, Delving into Network Segmentation-Based Reference Architecture – The Purdue Model, explains the Purdue model and the industrial network architecture for industrial internet of things (IIoT), IoT, OT, supervisory control and data acquisition (SCADA), integrated computer systems (ICS), and more. OT is the base of the Purdue model.
Chapter 3, Common Attacks on IoT/OT Environments, elaborates on some of the common attack vectors that we see in IoT/OT. We will see how some of these attacks were made due to the weakness in the system.
Chapter 4, What is Microsoft Defender for IoT?, defines MDIoT, its features, and capabilities.
Chapter 5, How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?, discusses multiple architectures and use cases and how we can fit MDIoT in various environments.
Chapter 6, How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?, enumerates some of the business challenges of managing and securing IoT devices. Certain challenges are particularly important to address today as they affect not only business but also human life.
Chapter 7, Asset Inventory, builds upon the belief that your assets are of paramount importance, so we will show how increasing visibility into your assets will help reduce risk.
Chapter 8, Continuous Monitoring, helps with the detection of policy violations, industrial malware, anomalies, and operational incidents.
Chapter 9, Vulnerability Management and Threat Monitoring, looks at risk assessment, which forms an integral part of MDIoT. For example, the top vulnerable devices, variation from the baselines, remediation priorities based on the security score, network security risks, illegal traffic by firewall rules, connections to ICS networks, internet connections, access points, industrial malware, indicators, unauthorized assets, weak firewall rules, network operations, protocol problems, backup servers, disconnections, IP networks, protocol data volumes, and attack vectors are some of the topics discussed.
Chapter 10, Zero Trust Architecture and the NIST Cybersecurity Framework, focuses on Zero Trust, a security imperative. IoT devices, especially, are highly attacked, paving the way into the internal network and hence the OT network as well. MDIoT, with a minimal operating system (OS) footprint, can help organizations with rich information on risky OS configurations, strong identity for authentication, and so on to determine anomalies and unauthorized activities. Enterprise IoT is also discussed.
