By /

Project results

Industry Needs in Cybersecurity and IoT: highlighting the latest industry needs and trends in cybersecurity and IoT as identified by various reports


Industry Needs in Cybersecurity and IoT from the public and private sector

Cybersecurity and IoT are two rapidly evolving industries, presenting challenges and opportunities for businesses of all sizes and sectors. In this article, we present key industry needs and trends provided by ENISA, CLUSIT, Gartner and Frost & Sullivan as reported in the first annual market and state of the art analysis in the context of IoT, AI and Cybersecurity of the European MERIT project.


Who are ENISA and CLUSIT

ENISA (European Union Agency for Network and Information Security) and CLUSIT (Italian Association for Information Security) are both organizations that support information security, but with different focuses and spheres of influence.

ENISA is tasked with helping to improve the resilience of critical infrastructures, promoting cooperation between EU Member States and providing technical assistance and advice on cybersecurity. CLUSIT brings together experts, professionals, companies, public and private bodies interested in developing and spreading the culture of IT security in Italy.

ENISA and CLUSIT collaborate with each other and with other national and international organizations to address the challenges and opportunities of cybersecurity in the digital world.


ENISA Insights

In RESEARCH AND INNOVATION BRIEF: Annual Report on Cybersecurity Research and Innovation1 ENISA provides a forward-looking perspective on challenges and opportunities in 4 key-structural trends: hyperconnected world, intelligent systems (or AI-based software systems), cybersecurity in life sciences (biotechnology), and computational security.

Hyperconnected world refers to a world where people, information and devices are extremely interconnected through advanced digital networks, such as the Internet. In this context, connectivity is ubiquitous and pervasive, facilitating instant communication, data exchange and access to digital assets from anywhere.

ENISA discusses how hyperconnectivity affects humanity and social and political dimensions, as well as the security risks associated with this redefinition of the boundaries of human-computer interaction. The role of artificial intelligence in improving cyber defenses and orchestrating cyberattacks is also explored. The proposed topics to focus research are:

  • The redefinition of boundaries of human-computer interaction (HCI), and the concomitant cyber risks that are associated with this;
  • Cybersecurity in the context of new generations of mobile communications and datacollection or processing methods (evolution from 5G to 6G).

Intelligent systems are technological systems capable of processing information and learning from it, adapting autonomously to improve performance or solve specific tasks. These systems often incorporate technologies such as artificial intelligence, machine learning and data analytics to make decisions autonomously or assist users in their tasks.

ENISA explores the role of Artificial Intelligence (AI) in improving cyber defenses and orchestrating cyberattacks. In particular, it highlights the importance of understanding how AI can be used to improve cybersecurity, but also how it can be exploited to orchestrate cyber attacks. The proposed research focuses are:

  • Development of a standardized performance evaluation framework;
  • Design of approaches for the monitoring of large-scale and possibly interconnected systems;
  • Exploration of biomimetic cybersecurity algorithms;
  • Incorporation of the security-by-design concept (assess the security of the protection mechanisms against a standardized framework considering diverse malicious attempts);
  • Preservation of the privacy and confidentiality of the information flow;
  • Inclusion of context awareness in ML in order to boost resiliency.

Biotechnology is a field of biology that involves the use of living organisms or their derivatives to make or modify products or processes for a specific use2. This can include the use of bacteria, yeast, plant and animal cells to develop industrial and scientific products and processes3.

ENISA highlights the need to protect biotechnology and the digitization of biology from cyber threats: the importance of understanding biotechnology vulnerabilities and developing measures to prevent, protect, mitigate, investigate and attribute security threats. It also examines specific cybersecurity challenges in biotechnology, such as gene editing and manipulation of biological systems. Finally, the urgency of addressing these cybersecurity issues in biotechnology through researching the following:

  • The evolving risks and the threat landscape in biotechnology R&D;
  • Risk management framework in the field of public health microbiology (e.g. modern DNA sequencing);
  • Categories of cyber biosecurity vulnerabilities (i.e., distinguishing the more traditional ones from those that are outside existing methodologies);
  • Identification of the processes and routines throughout the life science fields that require interfaces and reliance on automation.
  • Establish cyber biosecurity guides and standards.

Computational Security is a field of cybersecurity that focuses on protecting computer systems and data from digital threats. This includes preventing unauthorized access, protecting against manipulation or destruction of sensitive data, and defending against disruption of business processes. Computational security can involve various aspects, including network security, application security, information security, and end-user training.

ENISA addresses several issues, including the need to develop sustainable cryptography, privacy-preserving blockchain technologies, and hardware assisted security. In particular, it highlights the importance of protecting data at all stages of the lifecycle, including key management and data access control; the need to ensure the security of data in use, not only during transfer or storage, but also during execution of operations. Additionally, it discusses the challenge of hardware-assisted security, highlighting that even the most secure algorithms can be vulnerable if the computing environment in which they run is not adequately protected. The proposed research focuses are:

  • Quantum resilient or safe and efficient public key schemes;
  • Efficient implementations of symmetric key schemes that possess a higher level of security;
  • Standards for new quantum resilient/safe algorithms and protocols;
  • Planning and preparation for the transition to the Post Quantum era of cryptographic systems;
  • Hardware assisted security, more specifically on CPU technology, transparent application support and the combined use of Trusted Execution Environment technologies and Homomorphic Encryption (HE);
  • Compilers that produce efficient and secure multi-party computation (MPC) and HE protected code;
  • Standardization of HE schemes and MPC protocols;
  • Hardware acceleration of MPC protocols and HE schemes;
  • New assumptions and impossibility results that derive from mathematics, physics or hardware limitations, as a basis for future cryptography;
  • Secure implementations of cryptographic systems that resist side channel attacks.
CLUSIT Insights

Rapporto Clusit 20234 provides an overview of the most significant security incidents that occurred in Italy and globally in the first half of 2023, comparing them with the data collected in the previous four years by CLUSIT. The report also includes an in-depth analysis of the evolution of Cybersecurity in the manufacturing/industrial sector, with sector data taken from a survey by CLUSIT in June 2023 and an additional survey carried out in collaboration with Reti SpA in Lombardy regarding small- and medium-sized Italian enterprises.

The report highlights:

  • The importance of security by design: companies must integrate security measures into the design, development and operation of corporate systems, to prevent and mitigate risks associated with the digitalisation and interconnection of devices and processes.

    The most common measures that were suggested in the last-year edition were: enforcing privilege separation and least-privileged access, implementing Multi-Factor Authentication (MFA) and Conditional Access Control; use privileged access management controls like Just-in-Time (JIT) access; investing in extensive detection and response (XDR) capabilities; adopt Zero Trust principles, including continuous evaluation of privileges; identifying and protecting data based on risk (e.g., performing a threat assessment of the available assets) and regular patching.
  • The evolution of threats and attack techniques: cyber attacks are increasingly sophisticated, targeted and persistent, and exploit known or zero-day vulnerabilities, phishing campaigns, destructive malware, DDoS attacks, disinformation and data leaks. Hostile actors can be nation-states, cybercriminals or hacktivists, with different motivations and objectives.
  • The need for greater collaboration and information sharing: companies must cooperate with institutions, law enforcement agencies, external partners and other organizations involved in cybersecurity, to exchange data, knowledge, best practices and expertise, and to create an alert and response system for cyber incidents.
  • Technological innovation to support security: companies can leverage the potentialof artificial intelligence, cyber threat intelligence, the Internet of Things, cloud computing and blockchain, to improve their prevention, detection, analysis and reaction to cyber threats, and to increase the efficiency and competitiveness of their processes and products.

Who are Gartner and Frost & Sullivan

Gartner and Frost & Sullivan are research and consulting firms that provide in-depth analysis and market forecasts, to help navigate the ever-changing technology landscape.


Gartner Insights

Gartner reports in Technology Adoption Roadmap for Midsize Enterprises (MSE) how the 400 respondents indicated Zero Trust Network Access (ZTNA) as a pilot security project (with high value for the enterprise); Security Orchestration Automation and Response (SOAR – high enterprise value), Endpoint Detection and Response (EDR) and Cloud Access Security Broker (CASBs) – both with medium enterprise value, and XDR (low enterprise value) as projects with expected deployment in 2023. The key takeaways we want to highlight in this article are the following:

  • MSEs are responding to surging ransomware attacks by deploying MDR, Network Detection and Response (NDR), Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR).
  • MSEs are prioritizing deployment of cloud and security technologies that strengthen infrastruc-ture for remote and hybrid work. Distributed Cloud Systems and Hybrid Cloud Storage are also trending, prompting their prioritized deployment.
  • While MSEs plan to deploy Citizen Integrator Tools by 2023, they are currently piloting Citizen Automation and Development Platforms (CADPs) to support low-code development en-vironments for business users. By investing in lower-risk citizen technologies, MSEs aim to drive business-led IT and hyper automation while improving speed and agility.
  • Despite advancements in NLP technologies, the complexity and ambiguity of the human lan-guage continues to be an obstacle for mainstream deployment.
  • A growing number of SD-WAN and SASE vendors offer integrated Enhanced Internet capabilities, prompting MSEs to evaluate potential efficiencies. While 20% of MSEs have already deployed the technology, others are still evaluating how well it lives up to market hype.
  • Despite indicating high-deployment risks for AI technologies, over 64% of the MSEs are either currently deploying or have already deployed AI cloud services and AIOps.
  • Although MSEs identify 5G services as high value, inconsistent coverage and lack of supported devices prevent wider adoption. Instead, MSEs plan to deploy identity-based segmentation, SD-WAN and Network Traffic Analysis by 2023 for secure and consistent net-work coverage that enhances employee productivity.
  • MSEs are recognizing the advantages of API management PaaS in supporting cloudplatforms and automation. Talent shortages in specialized skills also preclude MSEs from hiring staff to support API management.

Frost & Sullivan Insights

In European Cybersecurity Responsibility, Spending, and Posture, Frost & Sullivan analyzes the impact of the COVID-19 pandemic on the cybersecurity budgets of medium and large organizations in Europe. It reports cybersecurity responsibilities, concerns, impact, maturity and purchasing intentions in five countries: France, Germany, Italy, Spain and the United Kingdom. We would like to highlight the following:

  • The top 3 reported cybersecurity concerns are system vulnerabilities, ransomware, and targeted phishing attacks.
  • Enterprises express underpreparedness in SOAR, SOC as a Service, CASB, and SIEM.
  • Most desired security additions include Security Orchestration, SOC as a Service, CASB, MFA, and SIEM.

In Technology Convergence is Enabling the Automotive Internet of Things (IoT): advanced Communication Technologies will Revolutionize Automotive IoT, Frost & Sullivan provides three strategic imperatives Industry Convergence, Disruptive Technologies, and Competitive Intensity; four market growth drivers (Safety, Data, Efficiency, and Cost-effectiveness) and four restraints (Network Security Concerns, Data Management Complexities, Lack of Connectivity, and Regulations) in the next three year. We would like to highlight the following:

  • Industrial needs: Sensors (Lidar, Radar, image sensors), Communication networks (V2V, V2X, V2I), Communications technologies (Bluetooth, Wi-Fi, RFID, UWB)/Zigbee, WSNs, 4G LTE/5G, Lora, NB-IoT), Vehicular Communication Networks, IoV Cloud Technologies, Machine learning, Data analytics, Object detection, Image processing algorithms, Accurate sensing of parameters, Location-based multi-parameter sensing, Real-time data Management, Efficient communication between machine-machine and human-machine, Auto-steer, maneuverability, Error detection, Predictive maintenance, Remote operability of system (automotive manufacturing), Remote monitoring Prediction of traffic conditions, and Intelligence functionality.
  • Market growth opportunities: Automotive IoT Technologies for Enhanced Supply Chain Management, Technology Advancements in Automotive IoT for the Development of Predictive Diagnostics Solutions, Adopt Cybersecurity Solutions to Address Real-world Cyber Threats.

Conclusion

In conclusion, these industry reports collectively emphasize the importance of proactive measures, strategic technology adoption, and continuous adaptation to address the evolving cybersecurity landscape. Organizations that align their cybersecurity strategies with these insights will be better positioned to mitigate risks and safeguard their digital assets in an increasingly interconnected world.

  1. https://www.enisa.europa.eu/publications/research-and-innovation-brief, 12/05/22. ↩︎
  2. Biotecnologia – Wikipedia. ↩︎
  3. Biotecnologie, che cosa sono? | Fatti Non Fake (federchimica.it). ↩︎
  4. Since the publishing of the annual analysis, CLUSIT released the 2023 edition in December 2023. We therefore provide the new insights in the article. ↩︎
Scroll to Top