ISHG Releases Joint Industry Perspective

Why Secure Industrial Communication Depends on Deployment as well as Protocols

Joint Industry Perspective from the Industrial Security Harmonization Group

The Industrial Security Harmonization Group announced the release of a joint industry perspective highlighting a critical truth in industrial cybersecurity: secure communication is not determined by protocols alone, but by how they are deployed and managed in real-world environments.

The ISHG—comprising leading industry organizations including the FieldComm Group, ODVA, OPC Foundation, and PROFIBUS & PROFINET International—collaborates regularly to align security concepts across Ethernet and non-Ethernet communication protocol technologies. Their shared mission is to reduce complexity for end users and promote consistent, effective cybersecurity practices in industrial automation systems.

Industrial communication protocols serve as the backbone of modern automation, enabling seamless connectivity between devices, systems, and applications across both process and factory environments. However, many widely used protocols were originally developed without cybersecurity as a primary design consideration.

The ISHG’s joint work challenges the simplistic binary classification of protocols as “secure” or “insecure.” Instead, it emphasizes a more practical and realistic approach:
  • Security is context-dependent — It relies on how protocols are configured, where they are deployed, and the surrounding operational environment.
  • Built-in security features are not sufficient alone — Even advanced protocols require correct implementation and maintenance.
  • Compensating controls are essential — Network architecture, segmentation (zones and conduits), monitoring, and physical safeguards play a critical role, especially for legacy and non-Ethernet systems.

This deployment-focused perspective aligns closely with emerging regulatory expectations, including those outlined in the EU Cyber Resilience Act (CRA) for hardware and software products and in NIS2 for the operations of entities and organizations.

Source: Industrial Security Harmonization Group media announcement