The increase in connected devices exposes companies to growing cybersecurity threats. The NIS2 Directive and the IEC 62443 standard frame the norms in teleassistance aimed at improving cybersecurity, requiring integrated and cooperative measures among organizations.

Information and communication technologies are the foundation of complex systems that support the daily activities of society, economy, and industry. With the emergence of digitalization, connectivity, Industry 4.0, and the Internet of Things (IoT), we are witnessing an exponential increase in connected digital devices. However, despite the number of connected devices, security and resilience are not always integrated into the design, often rendering cybersecurity policies inadequate.

The cybercrime landscape is a serious concern, with attacks aimed at encrypting data or sabotaging production, as highlighted by ENISA research. IT and OT systems can therefore no longer be considered separately: 94% of attacks on IT systems have caused disruptions in OT systems, which shows how exposed companies are as their networks grow more complex.

Norms in teleassistance and tools for the protection of industrial machinery

To protect their data, companies must implement analysis and control tools, as established by the IEC TS 63074 standard, which introduces the concept of Security Risk Analysis and refers to the IEC 62443 family.

The Machinery Regulation (EU) 2023/1230, which comes into effect on January 1, 2027, requires specific provisions for remote assistance to ensure cybersecurity. The United States, with NEC 2023, has already introduced similar requirements in 12 states, a trend of anticipation that could also be reflected in Europe with NIS2.

Directive (EU) 2022/2555 (NIS2), in effect from October 2024, broadens the scope to include machinery manufacturers and introduces a multi-risk requirement that also involves associated service providers. It is crucial to define the characteristics that industrial plants and machines must meet to ensure an adequate level of cybersecurity, and to clarify the degree of obligation.

Moreover, although the Machinery Directive 2006/42/EC does not explicitly address cybersecurity, related standards such as ISO 13849-1 and EN 415-10 establish some fundamental principles. For example, a remote connection must be locally authorized, and safety parameters must not be modifiable without on-site validation. This further emphasizes the importance of adopting an integrated security strategy that protects machines from external threats.

Next, we will examine in detail what the main norms in teleassistance say and what they entail.

NIS2 Directive

The NIS2 Directive (Network and Information Security 2) represents the evolution of the first NIS Directive, introduced by the European Union in 2016 to strengthen cybersecurity. Adopted starting in 2022, this new directive updates and enhances the regulatory framework to address the growing threats and ensure greater resilience of networks and information systems, including those of industrial teleassistance.

One of the main objectives of the NIS2 Directive is to broaden the scope compared to the previous directive. It includes more sectors and services critical for national security, such as digital infrastructures, cloud service providers, data centers, and teleassistance services. Its requirements therefore apply both to organizations operating as teleassistance service providers and to companies that use connected devices and systems; both must comply with the directive.

Specifically, the NIS2 Directive introduces stricter requirements for risk management and security incident reporting. Organizations must adopt security measures that are appropriate and proportionate to the risk, including vulnerability management, identity and access management, network monitoring, and the implementation of intrusion detection systems. For example, in the case of a security incident, organizations must promptly report it to the competent authority, ensuring a rapid response and coordination at the European level.

At the European level, the directive promotes cooperation and information sharing among member states and organizations to improve the collective ability to prevent, detect, and respond to cyberattacks. Such cooperation is particularly relevant for industrial remote assistance, where networks and control systems may be distributed across multiple sites and managed by different.

IEC 62443 Standard

Let's now look at IEC 62443, one of the main international standards developed to ensure the security of industrial automation and control systems (IACS).

This standard, created by the International Electrotechnical Commission (IEC), provides guidelines and requirements for the protection of networks and control systems from cyber threats. Its adoption is, therefore, crucial for monitoring and managing industrial devices and processes remotely.

IEC 62443 is structured into four groups of parts, each covering a different aspect of industrial security: general concepts and terminology (62443-1), policies and procedures for asset owners and service providers (62443-2), system-level requirements (62443-3), and component-level requirements (62443-4).

The implementation of IEC 62443 offers numerous advantages.

Other norms in teleassistance

In addition to the NIS2 Directive and the IEC 62443 standard, there are other regulations relevant to industrial teleassistance that affect security.

Among these, the GDPR (General Data Protection Regulation) is the EU's general regulation on data protection and requires organizations to protect the personal data they process, including data collected and used in teleassistance operations. It is essential for companies operating in this sector to adopt adequate measures to ensure compliance with the GDPR, especially when it comes to protecting sensitive data of operators or customers.

Another relevant standard is ISO/IEC 27001, which defines the requirements for an information security management system (ISMS). In industrial remote assistance, adopting ISO/IEC 27001 helps implement appropriate security controls to protect sensitive information and ensure operational continuity.

Furthermore, the NIST Cybersecurity Framework (CSF) provides guidelines for managing and reducing cybersecurity risks. Although developed for U.S. organizations, this framework is widely adopted globally and can be used as a reference to improve security in industrial remote assistance operations.

Finally, the RED Directive (Radio Equipment Directive) applies to radio communication devices, imposing safety and compatibility requirements to ensure that devices used in industrial teleassistance do not cause harmful interference and are secure against attacks and tampering.

Main standards, norms, and frameworks for industrial cybersecurity

COSO: Based on "Managing Cyber Risk in a Digital Age", which provides guidelines on how to respond to corporate cyber threats.
Cybersecurity Act, Reg. (EU) 881/2019: Introduces a framework for European cybersecurity certification and strengthens the mandate of the EU Agency for Cybersecurity (ENISA).
Cyber Resilience Act: Regulation aimed at increasing the cybersecurity of all products with digital elements.
EN 415-1: UNI EN 415-1:2001 provides a classification of packaging and wrapping machines.
EN 415-11: The European standard EN 415-11, approved at the end of 2021, defines a method for evaluating efficiency and availability during acceptance testing of packaging machines.
GDPR: The General Data Protection Regulation governs how companies and other organizations handle personal data.
HITRUST: Focuses on risk analysis and management with 14 control categories. It can be applied to almost all organizations, including healthcare.
IEC 62443: The international standard for the security of industrial automation and control systems and for Industry 4.0. Its foundations were laid about 20 years ago by the SP99 committee established by the ISA (International Society of Automation).
IEC TS 63074: Introduces the concept of "Security Risk Analysis" in industrial automation systems, referring to the IEC 62443 family of standards.
ISO 27000: The ISO 27000 series applies to organizations of all types and sizes. The two main standards, ISO 27001 and 27002, establish the requirements and procedures for creating an information security management system.
NIS 2: The NIS 2 Directive (EU) 2022/2555, in effect since January 2023, establishes minimum requirements for greater harmonization of cybersecurity laws and procedures at the EU level.
NEC 2023: The National Electrical Code, developed by the NFPA (National Fire Protection Association), which sets safety standards for electrical installations.
NIST CSF: The NIST Framework for Improving Critical Infrastructure Cybersecurity was developed to address the critical infrastructures of the United States, chiefly energy production, water supply, food supply, communications, healthcare, and transportation.
NIST SP 1800: The NIST SP 1800 series covers the implementation of standards-based cybersecurity technologies in real-world applications.
NIST SP 800-171: Addresses government contractors, who are often targets of cyberattacks because of their proximity to federal information systems.
NIST SP 800-53: The NIST SP 800 series increasingly focuses on cloud security; NIST SP 800-53 is the benchmark for information security for U.S. government agencies.
RED: The Radio Equipment Directive is an EU directive that establishes requirements for the marketing and use of radio equipment, with the aim of ensuring the safety and interference-free operation of these devices and services.
Regulation (EU) 2023/1230: The new Machinery Regulation (EU) 2023/1230 harmonizes health and safety requirements for machinery across all member states and includes themes related to digital technologies and cybersecurity applied to machinery.

Conclusions

Security is a critical factor in ensuring the continuity and efficiency of modern industrial operations, and in this regard, it is essential to know and apply the norms in teleassistance. The NIS2 Directive, the IEC 62443 standard, and other key regulations provide a solid and detailed regulatory framework to address the challenges of cybersecurity in this sector.

Complying with these regulations not only helps mitigate security risks but also facilitates collaboration and trust among the various parties involved in the industrial ecosystem. Adopting a proactive approach to security, based on these directives, represents a fundamental step toward ensuring a secure and resilient digital future for industrial remote assistance operations.

With Industry 4.0 and the integration of IT and OT, cybersecurity best practices are crucial to protecting critical infrastructure, data, and remote assistance systems. Advanced technologies such as Artificial Intelligence, Machine Learning, and Blockchain enhance security by detecting anomalies in real time and reducing incident response times.

The growing digitalization, the integration of IT (Information Technology) and OT (Operational Technology) systems, and the adoption of industrial remote assistance solutions have transformed the way companies operate, bringing significant benefits in terms of efficiency and productivity. However, this progress also introduces new cybersecurity challenges, requiring an integrated and proactive approach to safeguard critical infrastructures from increasingly sophisticated threats.

The convergence of IT and OT is one of the key aspects of Industry 4.0. Traditionally isolated and designed to operate in closed environments, OT technologies are becoming increasingly connected to corporate IT networks to improve operational efficiency and enable real-time data analysis. However, this integration also introduces new vulnerabilities. Cyberattacks can spread from the IT network to the OT network, compromising operational security and business continuity. For instance, malware affecting an IT system can easily spread to OT devices, causing machinery malfunctions or production stoppages.

To address cybersecurity challenges related to industrial remote assistance and IT-OT integration, companies must adopt a multidisciplinary approach that includes advanced technologies, well-defined processes, and a shared security culture. Below, we analyze the key practices to implement.

Best Practices

Cybersecurity best practices are essential guidelines and strategies to protect IT systems, data, networks, and devices from attacks, theft, and breaches. Industrial remote assistance, which enables remote access to machinery and production systems, requires particularly high security because of the vulnerabilities it can introduce.

A fundamental approach involves advanced authentication with multi-factor authentication (MFA) and access policies based on the principle of least privilege, ensuring that only authorized users have access, and only to what their task requires. Additionally, VPN connections and strong encryption protect data confidentiality and integrity by securing communications between operators and remote assistance systems against interception and tampering.

Access control and network segmentation are also crucial to reducing the risk of attacks spreading between IT and OT environments. This separation limits potential threats and keeps production areas isolated. Keeping software and devices up to date with security patches prevents exploitation of known vulnerabilities. Furthermore, continuous monitoring and logging of network activity allow access, changes, and anomalies to be tracked.

Advanced threat detection tools, including AI-based algorithms, enable real-time detection of suspicious behavior and rapid response, isolating and resolving potential breaches to minimize downtime and damage.

Endpoints used for remote control, such as workstations, PCs, tablets, and smartphones, must be protected with firewalls and updated antivirus software to prevent them from becoming attack entry points. Employee training is equally critical: raising awareness among staff and technicians about cybersecurity risks and best practices helps prevent threats like phishing and social engineering attacks.

Finally, an up-to-date incident response plan is essential, including procedures to quickly isolate and resolve security breaches, and external suppliers must be required to comply with high security standards. Together, these best practices create a robust and resilient security ecosystem, allowing industrial remote assistance to operate securely while protecting the integrity of machinery and the confidentiality of company data.
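As an added illustration (not code from the original article or from any standard it cites), the Python below models the access gate these practices describe for a remote-assistance session: MFA, least-privilege roles, a time-limited local authorization granted from the plant, and on-site validation before any safety parameter is changed, with one audit line written per decision. The role names, action names, and four-hour authorization lifetime are assumptions chosen for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional

# Hypothetical role-to-action mapping (least privilege): each role gets only
# the actions its task needs. Names are constructed for this example.
ROLE_PERMISSIONS = {
    "diagnostics": {"read_diagnostics", "read_logs"},
    "service_engineer": {"read_diagnostics", "read_logs",
                         "update_recipe", "write_safety_parameter"},
}
# Actions that touch safety parameters: never allowed without on-site validation.
SAFETY_ACTIONS = {"write_safety_parameter"}

@dataclass
class RemoteRequest:
    operator: str
    role: str
    action: str
    mfa_verified: bool
    local_auth_at: Optional[datetime]  # when the on-site operator enabled remote access
    onsite_validated: bool = False      # on-site confirmation of a safety-relevant change

def evaluate(req: RemoteRequest, now: datetime, audit: List[str],
             auth_ttl: timedelta = timedelta(hours=4)) -> bool:
    """Apply the gate checks in order and append one audit line per decision."""
    allowed_actions = ROLE_PERMISSIONS.get(req.role, set())
    if not req.mfa_verified:
        reason = "deny: MFA not verified"
    elif req.action not in allowed_actions:
        reason = f"deny: role '{req.role}' may not '{req.action}'"
    elif req.local_auth_at is None or now - req.local_auth_at > auth_ttl:
        reason = "deny: no valid local authorization from the plant"
    elif req.action in SAFETY_ACTIONS and not req.onsite_validated:
        reason = "deny: safety parameter change requires on-site validation"
    else:
        reason = "allow"
    audit.append(f"{now.isoformat()} {req.operator} {req.action} {reason}")
    return reason == "allow"

def run_sample_session() -> List[str]:
    """Constructed requests that exercise each rule; returns the audit trail."""
    now = datetime(2025, 3, 10, 9, 0, tzinfo=timezone.utc)
    fresh, stale = now - timedelta(minutes=10), now - timedelta(hours=6)
    audit: List[str] = []
    for req in (
        RemoteRequest("anna", "diagnostics", "read_diagnostics", True, fresh),
        RemoteRequest("anna", "diagnostics", "update_recipe", True, fresh),
        RemoteRequest("bob", "service_engineer", "update_recipe", False, fresh),
        RemoteRequest("bob", "service_engineer", "update_recipe", True, stale),
        RemoteRequest("bob", "service_engineer", "write_safety_parameter", True, fresh),
        RemoteRequest("bob", "service_engineer", "write_safety_parameter", True, fresh, True),
    ):
        evaluate(req, now, audit)
    return audit
```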

The Role of Advanced Security Technologies

The adoption of advanced technologies such as Artificial Intelligence (AI), Machine Learning (ML), and Blockchain adds an extra layer of security to industrial remote assistance systems, optimizing data protection, reliability, and threat response.

For example, AI and ML enable anomaly detection by analyzing network data in real time to identify suspicious behaviors such as unauthorized access or data manipulation attempts that could indicate a threat. With continuous learning, ML algorithms can "learn" from new attacks and automatically update defenses—an essential feature in industrial environments where threats evolve rapidly.

Automated incident response powered by AI allows for immediate action, such as isolating a compromised device or blocking suspicious connections, reducing response times and minimizing damage. In remote assistance scenarios, this ensures rapid and effective protection of industrial machinery. Another key advantage is predictive analytics: ML algorithms can help prevent future incidents by identifying vulnerabilities and recommending security updates or improvements before threats can exploit them.

Blockchain technology, on the other hand, ensures data integrity and traceability through a distributed, immutable, and verifiable ledger. This is particularly useful for securely storing all remote assistance transactions, ensuring that every access or data modification is transparently tracked and unalterable. Decentralized authentication using Blockchain reduces reliance on centralized authentication systems, which can be security weak points. Instead, authorized devices can have a unique key stored on the Blockchain, strengthening protection against unauthorized access.

Smart contracts further enhance security by automating access permissions, allowing devices to be accessed only under specific and verifiable conditions, reducing human error, and improving authorization precision. Moreover, Blockchain simplifies auditing and helps ensure compliance with security and privacy regulations, such as GDPR, by providing a transparent and immutable record of all remote assistance activities.

The integration of these technologies significantly reduces threat detection and response times, enhancing resilience against cyberattacks. In IoT-based remote assistance systems, combining Blockchain and AI can prevent man-in-the-middle attacks by ensuring that only registered devices can connect, while ML verifies that transmitted data follows expected behavior patterns.

MOOVES S.R.L., Padova