Cognitive cybersecurity approaches: Protecting utility OT in a hyper-connected world
Edge devices, the Internet of Things, wearables and swarm computing: emerging systems are enabling new utility business models. But they can also expose critical energy networks to new security threats. In a hyperconnected world, utilities will need to adopt new approaches for protecting their operational technology (OT). A cognitive cybersecurity approach is vital for protecting critical infrastructure.
IT has opened the door for an attack on OT
Until recently, utility companies used specific digital tools for specific tasks. The tools that controlled electricity and gas flow and the sensors on mechanical turbines in power plants, for instance, used specific software that ran on specific hardware and used specific protocols.
All that has changed. OT and information technology (IT) are no longer as separate as people may think, and OT systems are exposed to internet attacks far more easily than operators may realize. Servers running vulnerable operating systems, for instance, can now put OT at risk.
Both the risk and potential impact are growing. As the gap between OT and IT shrinks (or disappears outright), a malicious person could steal data or even shut down a plant. The safety and security impact could be even more serious, sending regions into chaos and putting lives at risk.
Take OT cybersecurity seriously
New cyber-physical systems are solving utilities’ problems in new ways. IoT, edge devices and advanced analytics are providing new levels of insight. Wearables and even human-embedded technologies are giving workers in the field access to critical systems from their remote locations.
At the same time, hyper-connected utility IT environments make security management more complex and broaden attack surfaces. This attracts cybercriminals and ‘rogue’ nation states who, in turn, evolve their attacks.
Regulatory pressure from GDPR may even bring hackers new opportunities for holding utilities to ransom. The growing trend in wearables and human-embedded technology also extends personal risk beyond privacy to matters of well-being and personal safety.
The risk of attacks penetrating through to utility infrastructure is substantial. Sensors, machines, cabinets, SCADA systems and all other OT assets need to be protected. Classical perimeter security models are no longer sufficient.
A cognitive approach to OT cybersecurity
Despite the substantial risk to OT, the OT security outlook does not have to be a bleak one. Utilities can protect their increasingly complex OT environments in three steps:
- Carefully examine all industrial network traffic—in a completely passive, noninvasive way.
- Use the collected data to build an OT component inventory and baseline behavior.
- Analyze the data to identify and respond to potential threats.
Applying a cognitive approach to each step can be effective in dealing with growing attack surfaces, increasing risks to critical infrastructure and innovations in malicious attack technology.
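The three steps above, sketched as an added example (not code from the original article or from Atos): an inventory and behavioral baseline are learned from passively observed traffic, then live traffic is checked against them. The flow records, IP addresses and the choice of Modbus function codes as the observed behavior are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed passive-capture records: (src, dst, protocol, Modbus function code).
# Addresses and device roles are made up for this example.
LEARNING = [
    ("10.0.1.10", "10.0.2.21", "modbus", 3),   # HMI reads holding registers from PLC
    ("10.0.1.10", "10.0.2.21", "modbus", 4),   # HMI reads input registers
    ("10.0.1.10", "10.0.2.22", "modbus", 3),
    ("10.0.1.11", "10.0.2.21", "modbus", 3),   # historian polls PLC
]
LIVE = [
    ("10.0.1.10", "10.0.2.21", "modbus", 3),   # matches baseline
    ("10.0.1.11", "10.0.2.21", "modbus", 16),  # historian now writes registers
    ("10.0.1.11", "10.0.2.22", "modbus", 3),   # known devices, new conversation
    ("10.0.9.50", "10.0.2.21", "modbus", 3),   # device not in inventory
]

def build_baseline(records):
    """Steps 1-2: derive inventory and per-conversation behavior from observed traffic only."""
    inventory = set()
    baseline = defaultdict(set)
    for src, dst, proto, func in records:
        inventory.update((src, dst))
        baseline[(src, dst, proto)].add(func)
    return inventory, dict(baseline)

def analyze(records, inventory, baseline):
    """Step 3: report each live record that deviates from the learned state."""
    alerts = []
    for src, dst, proto, func in records:
        if src not in inventory or dst not in inventory:
            alerts.append(("unknown_device", src, dst, func))
        elif (src, dst, proto) not in baseline:
            alerts.append(("new_conversation", src, dst, func))
        elif func not in baseline[(src, dst, proto)]:
            alerts.append(("new_function_code", src, dst, func))
    return alerts

if __name__ == "__main__":
    inv, base = build_baseline(LEARNING)
    for alert in analyze(LIVE, inv, base):
        print(alert)
```

The alert order follows severity of deviation: an unseen device is reported first, then an unseen pairing of known devices, then an unseen operation on a known pairing.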
From AI to distributed ledgers
Consider the specific technologies behind this cognitive approach to protecting OT:
- Self-learning systems using AI can help track rapidly changing inventory.
- Behavioral analysis can highlight suspicious behaviors before they cause harm.
- Trusted collaborative networks are vital for sharing contextualized intelligence between traditionally siloed security domains.
- Distributed ledger technologies help establish the trust that is critical for fostering collaboration.
- Emerging security and safety certification frameworks will help organizations deploy appropriate cybersecurity strategies.
While the emerging threats are very real, they should not deter utilities from investing in emerging technologies. Cybersecurity solutions can provide the protection needed to keep utilities’ OT safe and secure.
Atos will explore why a cognitive cybersecurity approach is vital for protecting utilities’ critical infrastructure at the upcoming Atos Technology Days 2019.