Additive manufacturing, AI, ML, Edge Computing, Digital Twins, Conversational platforms and Blockchain bound to get sharper in 2018: Bithal Bhardwaj, GE
The new fiscal year will come with lot of digital transformations and hence it’s time for CISOs and infosecurity professionals to set new resolution goals for them and come up with new trends of cyber security. Keeping in mind the numerous data breaches that occurred in 2017, organizations need to modify existing cyber security approaches and implement new measures. Bithal Bhardwaj, Chief Information Security Officer, GE South Asia & Africa, in an interaction with EC’s Rachana Jha, discusses the journey of the digital world in 2017 and what would be the top trends of 2018
Some edited excerpts:
How do you see the present scenario of digital transformation in the industrial world?
Most global industrial companies today understand that to reach the next level of efficiency and value, they need to connect their assets and plants to take advantages of big data, scalable computing and advanced analytics. The Industrial Internet of Things (IIoT) has become increasingly more pervasive in the industry as digitization has become a business priority for many organizations. It is changing the way industries work. Whether it’s enabling predictive analytics to detect corrosion inside a refinery pipe, or providing real-time production data to uncover additional capacity in a plant, or driving visibility and control over your industrial control systems environment to prevent cyber-attacks – the IIoT and the software solutions powered by it are driving powerful business outcomes.
Is cyber security a concern for industrial companies undergoing digital transformations?
As more and more organizations connect online to improve efficiency and automation, greater the risk of infiltration, infection and disruption. Unlike traditional data breaches, where it’s mostly about sourcing and selling stolen information, cyber attacks on industrial and critical infrastructure are often motivated by malicious intent to disrupt operations, which can place people, property, or the environment at risk.
Many organizations, however, remain unfamiliar with this new and intensifying risk landscape and/or lack insight into how to apply cyber security practices, especially within Operational Technology (OT) that run these environments.
What measures one can take to mitigate these attacks? What are some strategies to combat such security threats?
Get real industrial security/critical infrastructure experts to come in to evaluate systems and risks in your industrial environment would be my first and foremost advice. Most companies in their early industrial security journey often take the misstep of conceiving industrial security as just another IT area to be secured.
Broadly, companies can start with creating a comprehensive security program that understands what needs to be protected. Program should have deep understanding of Operations Technology (OT) systems, enterprise systems, physical assets, network infrastructure and the dependencies between these components. Consider the possible consequences of cyber attacks to establish the baseline for the security strategy.
The cyber security ownership and responsibilities should be established clearly between the IT and the Operation’s organizations, under a common leadership. While IT teams focus on protecting data and systems, their OT counterparts must protect mission critical assets and control systems.
Lock down OT systems with right topology and protect with intrusion detection. Right configurations must be applied to protect Industrial Control Systems (ICS) from outside attacks and IT systems should be fortified at the edge of the Internet for such environments.
In terms of security, what were the notable developments in 2017?
There are many reports outlining major events of the year globally. I will touch upon few developments based on media reports that stood out for me as cyber security professional based in India. Petty cyber crime rate continues to be very high in India with extremely low report rate to the authorities. It can be attributed to high internet penetration with low-end smartphones and lack of security awareness among the masses. Botnet infections in India continue to rise and is among the highest in the world, likely due to a surge in mobile and banking malware. Ransomware made the headline throughout the year. At one end, it made cybersecurity a household talking point, but at the same time, it poses real threat for industrial and critical infrastructure that hosts lot of aged infrastructure across the industry.
There have been a few other geo-political activities as well that may develop into new risks in future, but overall this year saw India’s cyber policy landscape evolving with Supreme Court judgement on privacy and data privacy bill roadmap, to name a few.
How technologies like AI can be useful to your industry? In which areas AI can be useful in security?
In the past, machine operators and technicians monitored engines and machines by listening to their clanks and checking their gauges, but today sensors and machine learning offer the same and much more by providing predictive failures and maintenance capabilities. AI is making industrial operations safer and more reliable while helping to ensure optimal performance at a lower sustainable cost.
AI in cyber security, in general, is evolving and is playing an increasingly important role in cyber analytics, especially user entity and behavior analytics, and identity and privilege access management analytics. Many cyber security leaders are watching this space very closely and are experimenting with putting available solutions to the real world problems.
What would be the top trends of 2018? For the digitization of business, which new technology platforms will be considered in 2018?
In my opinion, top technology trends to keep an eye on, in coming times are additive manufacturing, AI, machine learning, edge computing, digital twins, conversational platforms and Blockchain. These technologies hold tremendous potential in transforming the world as we know, and have evolved rapidly in the past couple of years. They are bound to get sharper in 2018.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]