security, MLSecOps, AI, AI security, cybersecurity

Operational technologies (OT), which traditionally have been kept isolated, are now increasingly merging with their organizations’ IT environments, fueling heightened cybersecurity concerns that may be alleviated to some degree by the growing use of AI, according to Cisco Systems.

Entities increasingly are seeing productivity and efficiency advantages to integrating data OT and IT data while also being able to reduce the high costs that come with running the operations separately. However, this convergence of OT and IT also comes with challenges, with cybersecurity topping the list.

“Operational technology … networks are converging with their enterprise IT counterparts, creating a complex and dynamic environment,” Keith Higgins, director of Industrial Internet of Things (IIoT) marketing for Cisco Systems, wrote in a blog post this week, noting a “growing concern for OT cybersecurity across all industries. Industrial networks, traditionally air-gapped from the outside world, are now increasingly connected, making them vulnerable to cyberattacks.”

Legacy systems, an expanding attack surface, and a workforce that is being stretched thin are adding to the problem, Higgins wrote.

Cisco this week released its inaugural State of Industrial Networking report to take a look at the rapid industrial networking landscape, working with Sapio Research to survey more than 1,000 industry professionals in 20 sectors and 17 countries. Rising to the top were three themes: A growing concern about OT security, the need for collaboration between OT and IT operations, and AI being the emerging technology that will most impact industrial networking in the next five years.

AWS

Growing Cyberthreat to OT

The concern about cybersecurity is real. The Biden Administration has put a focus on critical infrastructure and OT security in its efforts to boost the country’s cybersecurity capabilities in the wake of attacks on such companies as Colonial Pipeline and JBS Foods in 2021.

In a joint advisory, CISA and the FBI noted that “internet-accessible OT assets are becoming more prevalent across the 16 [U.S. critical infrastructure sectors] as companies increase remote operations and monitoring, accommodate a decentralized workforce and expand outsourcing of key skill areas such as Instrumentation & Control, OT asset management/maintenance, and in some cases, process operations and maintenance.”

Legacy OT systems and the amount of information about OT systems connected to them are compounding the problem, the agencies wrote.

The number of attacks have continued to grow, with cybersecurity firm Forescout Technologies recording more than 420 million attacks – or 13 attacks per second – on critical infrastructure worldwide last year, a 30% year-over-year increase.

Stephen Webber, a defense analyst at the Rand Corporation, wrote earlier this year about the decade-plus history of cyberattacks on U.S. critical infrastructure, including the FBI’s warning this year that Chinese state-sponsored hackers already have infiltrated the networks of critical infrastructure entities, essentially lying in wait until the need to strike and disrupt operations arises.

“These complex systems of critical infrastructure – which include energy, finance, food and agriculture, health care, municipal services, transportation, water and many more – are vulnerable, and not just to state actors,” Webber wrote. “Even small groups of criminals have left thousands without electricity, cut off responders’ communications in major cities and prevented patients from receiving care at hospitals.”

It’s All About Cybersecurity and AI

According to Cisco’s report, cybersecurity is the top concern for those running operation networks, with 43% saying bolstering their defense was a major spending priority, followed by AI at 42%. In addition, 48% said that AI is the emerging technology most likely to have the biggest impact, with cybersecurity next at 32%.

The top two reasons cited for wanting to invest in AI are wanting to improve network management across OT and IT environments (49%) and increasing the collaboration between both (46%). Right behind, at 43%, was enhancing reliability and cybersecurity requirements.

“AI is poised to play a transformative role in industrial networking, with the ability to automate tasks, improve network performance, and predict potential issues before they disrupt operations,” Cisco’s Higgins wrote.

Expanded Attack Surfaces

Cisco’s findings dovetail with what other tech organizations are saying. In a blog post earlier this year, Oakley Cox, a product manager with cybersecurity firm Darktrace’s R&D team, wrote that “while largely adopted by industrial organizations, OT is utilized by Critical Infrastructures, these being the industries that directly affect the health, safety, and welfare of the public. As these organizations expand and adopt new networked industrial technologies, they are simultaneously expanding their attack surface.”

AI can improve cybersecurity for OT and industrial control systems in a number of ways, including by detecting and responding to anomalies to protect against threats that haven’t been seen before and signatureless threats that come from the inside, Cox wrote.

The technology also can improve the management of assets and vulnerabilities, including remediation and mitigations strategies, and simplify compliance and reporting tasks. That includes autonomously investigating incidents and summarizing the findings in natural language, and enabling organizations to more quickly report major cyberattacks to regulatory bodies.

TECHSTRONG TV

Click full-screen to enable volume control
Watch latest episodes and shows

AI Field Day

TECHSTRONG AI PODCAST

SHARE THIS STORY