Navigating the Intersection of AI, Cybersecurity, and Operational Technology
Artificial intelligence (AI) and machine learning (ML) have been used interchangeably since the 1950s. Although they experienced a resurgence in the late 1990s and early 2000s, generative AI, specifically ChatGPT, didn’t become popular until 2022. In manufacturing, AI/ML has been used to collect and analyze data to identify trends, patterns, anomalies, and other important information. One example is a machine learning algorithm that sends proactive alerts when a manufacturing machine’s temperature surpasses a specific threshold, allowing operators to take action to prevent problems.
Generative AI: Benefits, Risks, & Concerns
Generative AI can replicate human behaviors, such as applying expertise to new problems, and can react to and predict outcomes from information. However, generative AI can also be hacked, just like any digital process. One significant concern is the potential for malicious actors, such as nation-state adversaries like China, to use AI for malicious purposes. Another concern is that, as AI models and algorithms become more complex, they can become opaque to the people who manage them. This opacity could create challenges if a system malfunctions, potentially impacting productivity and safety. Lastly, there are concerns that AI could foster complacency and that focusing solely on AI may lead to the neglect of foundational security controls.
AI-Powered Threat Intelligence for Industrial Systems
One of the most important applications of AI in manufacturing is its potential to enhance security. AI-powered tools can analyze vast amounts of data to detect and mitigate threats, often more quickly and efficiently than humans. AI can be used to identify malicious patterns in network traffic, detect insider threats, and even predict potential downtime. Generative AI can further enhance these tools by providing a simpler interface, allowing users to use plain language to interact with security systems and obtain actionable reports.
Ransomware Attacks in Manufacturing
The manufacturing sector is increasingly targeted by ransomware attacks. Manufacturers often pay higher ransoms than other industries, averaging $1 million more, due to the significant financial impact of production interruptions. This vulnerability highlights the importance of AI in identifying and mitigating such threats in manufacturing.
SEC Reporting Requirements & Cyber Risk Disclosure
The SEC now requires public companies to disclose material cybersecurity incidents, highlighting the growing recognition of cyber risk as a significant financial threat. This new rule is significant because, in the past, many companies, particularly in the manufacturing sector, did not have any technology or processes in place to monitor or address cybersecurity risks. The SEC ruling acknowledges that cyber risk is no longer limited to the IT domain but extends to all aspects of a business, including OT environments.
The Human Factor in Cybersecurity
Despite advancements in AI and cybersecurity technologies, humans remain the weakest link. Over-reliance on technology can lead to complacency and neglect of basic security hygiene practices, which are essential for any cybersecurity program’s success. While AI can augment human capabilities and improve efficiency, it’s crucial to remember that it is not a silver bullet solution.
Key Takeaways: Balancing AI with Foundational Security
The most important takeaway is that organizations should focus on implementing a robust cybersecurity program that includes basic security hygiene, risk assessments, incident response plans, and a culture of security awareness. AI and ML are valuable tools that can enhance these efforts but should not be seen as replacements for foundational security practices.
This is an excerpt from the “Beware of Bad Actors | Leveraging AI-Powered Threat Intel to Keep Industrial Systems Safe and Available” session sponsored by Fortinet at IIoT World Manufacturing Days. The summary was generated by notebooklm based on the transcript of the session. It was edited by IIoT World.