Understanding the Role of Information Security, Cyber ​​Security, and Network Security for Organizations in the Industry 4.0

30/06/2020 Views : 356

I Putu Agus Eka Pratama

Introduction           
         Industry 4.0 combines information and HR technology, by supporting automation, integration, interoperability, and using data extensively, through 4 main technologies: Internet of Things (IoT), Cloud Computing, Big Data, and Artificial Intelligence (AI) [1]. The main key for Industry 4.0 is data, both as training data, predictions, decision making, and processed into information. Required as a guarantee of data security (physical, digital) and information, consisting of guarantees, theft, and forgery [2] [3]. In this regard, there are known Information Security, Cyber ​​Security, and Network Security.   
         Information Security focuses on securing physical data and digital data [9]. Cyber ​​Security focuses on securing digital data only, inviting the security of digital data on online and offline computers [6]. Network Security focuses on the security process that occurs in digital data in computer networks (electronic transactions, data transfers, data transportation, communication) [7]. Information Security consists of Cyber ​​Security and Network Security, where Network Security is part of Cyber ​​Security.

Description

         Protected security information: Illegal access (unauthorized access), illegal use of data, disclosure of data to other parties (disclosure), the threat of data retrieval (disruption), illegal data changes (modification), Observation of data by other parties (inspection), illegal recording and destruction data (recording / destruction).
Forms of security in Cyber ​​Security include: security using URLs / files/applications (phishing), social engineering to gain access (pretexting), keylogger on the victim's computer / USB flash drive (baiting), protection/extortion by victims whose personal data stolen (quid pro quo).
         Forms of security on Network Security is protected by malware (viruses, worms, trojans, ransomware), security weaknesses in software (zero-day attacks), attacks by hackers (hacker attacks), activating services through data packet flooding (denial/distribution denial of service attack), application to download victims (spyware) [13].
         Efforts can be made to improve security, including firewall, anti-virus, Intrusion Detection and Prevention Systems (IDS / IPS), Virtual Private Network (VPN), security framework (ISSAF, OWASP), CIA Triad (Confidentiality, Integrity, Availability ), governance framework, IT Audit [11] [12], IT Risk Management, and regular data backup. Public safety standardization: ISO 27000/1, ISO 31000: 2018, NIST SP 100-800. Supporting technology in Industry 4.0 can also be empowered to help improve security, for example, Machine Learning for ransomware detection [15]. Data (physical, digital) and information security can increase trust, maintain good name, encourage business freedom, maintain privacy, and increase user comfort.

Conclusion

          Information Security, Cyber ​​Security, and Network Security, play an important role in data and information security in the Industrial 4.0, because data is an important asset. Data and information security must be the main focus to achieve business objectives, privacy, and user convenience.

Bibliography:

[1]Eunika, M.L., & Cristina R.M. Ecosystems of Industry 4.0 : Combining Technology and Human Power. MEDES Proceedings of the 11th International Conference on Management of Digital EcoSystems, November 2019, pp.115–119.
[2] Enrico F., et al. Network Synthesis for Industry 4.0. DATE : Proceedings of the 23rd Conference on Design, Automation and Test in Europe, March 2020, pp.1692–1697.
[3]HP. Security in the era of Industry 4.0. HP. 2020.
[6]Simon J., et al. What is Cyber Security? Differential Language of Cyber Security Across the Lifespan. CHI Conference on Human Factors in Computing Systems, May 2019, Paper No.: LBW0269, pp.1–6.
[7]Maxim OK., et al. Network Security Architectures for VANET. SIN Proceedings of the 10th International Conference on Security of Information and Networks, October 2017, pp.73–79.
[9]Anatoly A.M., et al. Information Security Theory Development. SIN Proceedings of the 7th International Conference on Security of Information and Networks, September 2014, pp.52–55.
[11]Alexander E.A., et al. Towards an Integrative Theoretical Model For Examining IT Governance Audits. ICEGOV Proceedings of the 11th International Conference on Theory and Practice of Electronic Governance, April 2018, pp.18–22.
[12]Bob  D.,& Mark W. Compliance with Standards, Assurance and Audit: Does This Equal Security? SIN Proceedings of the 7th International Conference on Security of Information and Networks, September 2014, pp.77–84.
[13]Wira Z., et al. The Rise of Ransomware. ICSEB Proceedings of the 2017 International Conference on Software and e-Business, December 2017, pp.66–70.
[14]Routa M., et al. Ransomware's Early Mitigation Mechanisms. ARES Proceedings of the 13th International Conference on Availability, Reliability and Security, August 2018, Article No.: 2 pp. 1–10.
[15]Oneil B.V. Exposing Android Ransomware using Machine Learning. ISSM Proceedings of the International Conference on Information System and System Management, October 2019, pp.32–37.


*this article has been cited at https://id.wikipedia.org/wiki/Industri_4.0#Kesiapan_Indonesia