Tim Grieveson, Chief Information Security Officer, AVEVA - 2Blog

Predictive cybersecurity is the need of the moment

By Tim Grieveson, Chief Information Security Officer, AVEVA

The exponential development of computing devices has expanded access capabilities for cybercriminals to detect and exploit vulnerabilities in innovative ways. With a medium-grade smartphone now more powerful than the most advanced computers were only a few years ago, for example, cybercriminals can launch powerful and sophisticated attacks at a relatively low cost from a mobile unit while also working from home.

That ease of access goes some way to explain why there is a cyberattack every 39 seconds. As industrial organizations embrace digitalization, inadequate security protection can open up their systems to malicious actors. Criminals today use a wide variety of methods, from commonly used techniques such as phishing and computerized password hacking to more sophisticated operations such as watering hole attacks that deliver malware to visitors.

Increasingly, the same innovative technology that is being used to deliver innovative solutions for common benefit is being deployed in destructive ways to inflict catastrophic damage to infrastructure, business systems, and ultimately, the citizenry.

The Autonomous Industrial Enterprise: A roadmap to asset excellence
Software firm Aveva emphasizes the role of AI, ML in industrial operations

Two sides to the same coin

Artificial intelligence (AI) is just such an example of dual-use expertise. While the technology has already improved business operations in several ways, AI is already being weaponized for illicit gain.

Attackers may seek control of the data sets that train the AI, for example, by subtly altering parameters or modifying scenarios to avoid detection of underlying data exploits. Similarly, pattern recognition can be used to identify access points for injectables for remote execution at a later date, or even to improve social engineering by targeting workers at their most vulnerable moments. A simple mention on a social media website about grid maintenance could alert cybercriminals to a potential weakness.

At the same time, AI can also be deployed for protection. The best line of defense is often to retaliate in kind. AI is already being adopted in network monitoring and data analytics, where it is used to determine a baseline of normal behavior and identify inconsistencies of different kinds, such as unusual traffic patterns or anomalous server access. As the algorithm learns and progresses, predictive analytics can be deployed to flag up such intrusions early on, while deploying defensive responses and raising supervisory alarms.

As technologies such as AI rapidly evolve to become integrated into the industrial passage, cybersecurity issues will remain a key area of concern. Security professionals must assume that AI and other technologies can and will be used for criminal benefit. Global cybercrime is expected to inflict $6 trillion in total damages this year, rising to $10.5 trillion annually by 2025. A significant percentage of those attacks are likely to hit industrial organizations. A comprehensive approach that anticipates and predicts cyberattacks can safeguard organizations from security issues.

For industrial organizations on the road to digitalization, cybersecurity concerns can be addressed in three significant ways, through a combination of intelligent design, cloud computing, and machine learning.

Embed security across software solutions: Cybersecurity must be placed at the forefront of digitalized processes and baked into any solutions being deployed across the enterprise. Industrial software solutions must incorporate security protection across the system design and development process, from the very start through to rigorous testing and validation to eliminate any vulnerabilities and exhaustively address cybersecurity challenges.

Automated software upgrades: Process interruptions and downtime must be eliminated to maintain operational continuity, particularly as industrial organizations too embrace remote operations. Keeping security infrastructure up-to-date patches critical vulnerabilities and strengthens industrial assets against cybercriminals. Automated upgrades equip industrial IT infrastructure with the latest security capabilities and bypass conventional barriers to software adoption, in the process empowering industries to leverage leading technologies and quickly respond to evolving market demands.

Deploy AI technology against cyber threats: Tools such as the Unified Operation Center (UOC), AVEVA’s market-leading performance management tool, can easily combine IT and OT products for enhanced cybersecurity protection. By using machine learning and artificial intelligence to provide a centralized view of systems across the enterprise, decision-making is streamlined so even the slightest anomaly is detected early, well before it can escalate into something bigger and more damaging.

As technologies evolve and cybercriminals abuse them for illicit gain, traditional one-off approaches are no longer sufficient to protect organizations. Instead, businesses must take a systematic, multilayer approach that anticipates cyberattacks and protects data and other critical assets before they are exploited.