Cybersecurity for industrial Internet of Things: a case study of the South African transport sector.

Abstract

There is an increasing drive for the fourth industrial revolution, which has resulted in increasing deployments of Industrial Internet of Things (IIoT). IIoT deployments have led to multiple security incidents. This study focuses on determining the factors influencing cybersecurity for IIoT and the pressing need to secure IIoT devices and networks in South Africa’s transportation sector, which is crucial to the nation’s economy. Examples include maritime, ports, railways, airports, trains, and road transportation. A mixed-method approach is used. Quantitative methods include questionnaires, and qualitative methods include the analysis of documents (industry best practices, standards, and frameworks) used to identify and assess the technological, organisational, procedural and people factors influencing cybersecurity for IIoT in the transport sector of South Africa (SA). The population for this study consisted of 58 participants with knowledge of IIoT security in the transport sector of SA. Questionnaires are analysed using descriptive statistics, correlation, and inferential statistics. Data collected from documents are analysed using thematic analysis. The conceptual research framework underpinning this study is the Design Science Research combined with Business Model for Information Security (BMIS) framework. The areas of BMIS that guided the study are technology, organisation, procedure, and people. The findings of this study bring to light significant organisational and procedural challenges, including the crucial role of cybersecurity staff for IIoT, the necessity for robust incident response plans, and the looming technological threats such as ransomware and cyber espionage. From a people factor, the lack of training, communication, and employee satisfaction emerges as a significant concern, underscoring the need for immediate attention and action. Through the data triangulation from the qualitative and quantitative methods, the relationship between the four BMIS factors is determined, and a framework for IIoT cybersecurity in the SA transport sector is developed. The cybersecurity framework is evaluated against the MITRE ATT&CK framework. Future research includes exploring control breakdowns, implementation feasibility, use of a honeypot to simulate IIoT device vulnerabilities, and alignment with legal requirements, thereby offering the potential for enhanced security measures for organisations in the South African transport sector.