As more manufacturing systems digitize, AI can help address many of the vulnerabilities as OT systems are exposed to a wider world.
Historically, operational technology (OT) systems, which include industrial control systems, programmable logic controllers, supervisory control and data acquisition systems, and distributed control systems, just to name a few, have been closed off from the outside world, and thus well-protected from cybersecurity threats. However, as OT becomes increasingly a part of information technology, OT systems increasingly may be open to attacks or hacks. Artificial intelligence may serve as a tool to help protect these systems.
That’s the burning topic explored in a recent webcast featuring Anand Oswal, senior VP and general manager with Palo Alto Networks. Oswal, joined by host Michael Krigsman, discussed how AI and machine learning can protect critical infrastructure as OT and IT systems converge. The challenge is protecting OT systems against cybersecurity threats in the process.
Currently, at least 75% of threats to OT networks originate from IT systems, while 70% of industrial organizations experienced cyber-attacks last year alone.
See also: IT/OT Convergence’s Achilles Heel: OT Security
Transforming Manufacturing Systems Security
The good news is “AI and machine learning can transform OT security, enabling organizations to detect and prevent known and unknown threats in real time,” Oswal pointed out.
“When you think of operational technology, think of factory floors, manufacturing facilities,” he stated. “Think of utility, oil and gas, mining. These environments have high-value assets, and there’s a big difference between IT environments and OT environments. IT environments typically are usually always connected. OT environments are starting to get connected now.”
As OT environments become more digitized, “you can have consistent visibility across the entire infrastructure,” said Oswal. “At the same time, you’re seeing over three-fourths of all threats on OT networks originated from the IT side and then percolated onto the OT environments.” Digitization is an amazing thing. It brings new opportunities, new capabilities for these factory floors, for these manufacturing facilities. But it also brings in an increased attack surface.”
AI can help address many of the vulnerabilities as OT systems are exposed to a wider world. “If you want to stop new threats, threats that you’ve seen before but also threats that you’ve never seen before (what I call day zero threats), then you need to not depend only on the signature and databases. “You’ve got to look at things in line in real time,” said Oswal. “That happens with deep learning across both structured and unstructured data where we’re able to understand what’s going on and protect you from threats that you’ve never seen before.” He refers to this configuration as “precision AI.”
The key is to “use AI to automatically identify devices, establish baselines, and create dynamic segmentation rules,” he advised. “Manual configuration often leads to breaches, while AI can adapt to changing environments and new threats.” In addition, “implement least-privilege access controls and secure enterprise browsers for contractors and employees accessing critical OT assets remotely.” More than 50% of organizations “now allow remote access to high-value industrial systems,” he stated.
The bottom line is these days, “automation and your security and your visibility need to be powered by AI. You cannot do these things manually,” Oswal advised.
