Where the data is born. Have you heard that phrase before? Coined right here in our cyber security organization, it evokes imagery of tiny 1s and 0s nestled in cribs. Ok, illustrative metaphors aside, it really does perfectly explain ADI’s position in the world of technology. With sensing, measurement, and interpretation capabilities, ADI’s sweet spot is sensing that physical (analog) phenomena and measuring it, interpreting it, giving it meaning via edge partitioning and turning it into digital data and information. We really are there at the moment those signals and phenomena turn into data – at the moment data is born.
After 55 years, you could say we’re “raising” the data to reach its full integrity. We have added superior connectivity and power capabilities to the mix, allowing us to build out a portfolio of software and edge-to-cloud platforms with best-in-class security measures.
As we continue to add functionality and insights that offer new value to our customers, the complexity and security risk also escalates. Cyber security in operational technology plays a focal role in expanding the IoT. In this article, for instance, I explore how the digital transformation we’re in expands the attack surface. With more complex, integrated systems there is greater potential reward for hackers.
Understanding the risk, competitive landscape, and standards/laws, is critical to safeguarding any business. With that in mind, ADI’s Security Center of Excellence (SCoE) is helping the various business and technology teams make informed security decisions and enable secure product designs for, and in partnership with, our customers.
When is it time to think about security?
Today’s business environment requires frequent and consistent customer feedback throughout development to ensure products meet or exceed end user expectations. With that in mind, the SCoE is ensuring that ADI teams are thinking about security in all aspects of business.
Considering an agile working environment in the development process, allows teams to demonstrate increased functionality earlier in order to obtain more relevant feedback from a variety of different entities. The caveat is that security can easily become an afterthought in the development cycle, especially when actual requirements are either not known or unclear.
However, the final security posture (the overall security status of the product) is highly dependent on architectural decisions made at the start of any new design. Making architectural changes later in the project is often not possible, which requires a bootstrapping approach to security. That means making security-centric decisions involves building an architecture to support the eventual security requirements for the appropriate market. We talk about this approach more in the Industry 4.0 executive guide, although it’s applicable to all markets and applications.
To put this into context, there are several considerations to bear in mind when making security decisions for any new product:
- The competitive landscape, and how the product will be used in the end product.
- The legal regulations, compliance considerations, and standards that apply to the intended market.
- The notion of risk within the intended application space.
As I noted above, ADI’s continued development of solutions that perform new and higher levels of functionality means that the data being transacted becomes more valuable. This is especially important when you think about the mission-critical systems and products that are dependent on the reliability and trustworthiness of this data.
As a result, being able to make good security decisions from day one requires a level of expertise. ADI teams are involving the SCoE earlier and earlier in customer engagement. This allows them to better understand the landscape, assess risk, incorporate good practices, and develop IP that’s easy for customers to adopt in their end solutions.
Please comment below to share your thoughts on cyber security and the SCoE. To find out more about ADI’s Security Center of Excellence and our security approach please visit analog.com/cybersecurity or contact you sales representative.