The industrial internet of things (IIoT) has significantly transformed industrial sectors by connecting devices, machines, and systems to enhance automation, efficiency, and decision-making. However, the increased interconnectivity also poses significant security challenges because IIoT devices control critical infrastructures and processes. Our work presents an implementation of a robust industrial cybersecurity strategy that combines a segmented network architecture; collaboration between information technology (IT) and operational technology (OT) teams for enhanced resilience and effectiveness; and vertical honeypots across all Industry 4.0 levels, integrated with Wazuh for log transmission and proactive threat response, alongside a Snort intrusion detection system (IDS) that monitors network traffic. Additionally, we reinforce our architecture by using Wazuh with Elasticsearch and Kibana as a security information and event management solution, facilitating data analysis and compliance enforcement through custom rulesets and cybersecurity threat intelligence (CTI) integration, with automatic updates for continuous adaptation against emerging threats.