AI and Cybersecurity: Wielding the Double-Edged Sword

With vulnerabilities in their systems and infrastructures, manufacturers are proving easy targets for cybercriminals that increasingly employ AI in their attacks. Fortunately, would-be victims can use the same technology to repel threats and protect business value.

Once separated by a so-called gap of air, the Operational Technology (OT) that runs backend factory systems is fusing with the Information Technology (IT) that interfaces with the world outside as manufacturers seek to streamline their operations with advanced technology delivered in the Cloud. Tied to the use of IIoT platforms cyberthreats aimed at unpatched legacy systems are on the rise.

Key findings from a worldwide survey of almost 2,000 senior-level executive managers with IT and OT remits at industrial concerns with workforces greater than 1,000 employees highlight the causes for concern. Among them are that 70% report having been targeted in the previous 12 months. That a quarter were forced to shut down operations bears out their perception that cybercriminals are among the biggest threats facing manufacturing operations.

IT is the main vector malicious actors use to damage OT with ransomware and malware, and one that increases vulnerability as manufacturers move, process and store the data generated in the backend and in the supply chain into the Cloud. Meanwhile, the growing adoption of 5G interfaces with Cloud platforms and MES opens still more bridges across the digital moat that once offered a modicum of security to a sector known for closed loops of data and information.

Just as it factors into the drive among manufacturers for greater Overall Operational Efficiency (OEE), AI also figures as a threat. In addition to generating content for the phishing attacks that scrape passwords that offer them IT entry, cybercriminals are compromising OT with AI techniques that steal, upload, modify and manipulate files, and to develop undetectable malware.

This as AI is transforming cybersecurity in manufacturing, using Machine Learning and Deep Learning to address threats, implement preventive measures, and mitigate risk. This includes the Predictive AI tools that analyze historical data to identify pattern anomalies and vectors that are indicative of threats and attacks, and the Generative AI can simulate attack and response scenarios and test defenses.

With AI, manufacturers can improve threat detection thanks to real-time identification of  anomalies in OT patterns and IT interfaces, and respond swiftly to mitigate breaches before they escalate. Cybersecurity platforms that use AI automate threat response actions, such as isolating compromised systems, blocking malicious traffic, or quarantining infected devices.

Continuous monitoring of OT systems and IT networks with AI provides comprehensive threat visibility and increases accuracy of threat detection and mitigation. AI algorithms also can analyze user behavior and network activity to detect suspicious patterns or deviations.

Having plans and policies in place for people, processes, and technologies are steps that manufactuers can take for better threat prevention and mitigation. Manufacturers should be ready to react quickly with response plans should include backup and recovery procedures.

Collaborating on security best practices and sharing information, both internally and with suppliers and customers helps, too. Enforcing strong authentication measures, such as multifactor authentication, can prevent unauthorized access to OT systems and IT networks. To bolster security in the supply chain, regularly perform assurance checks of contractors and third parties.

Regular security audits and the timely implementation of software updates and patches address vulnerabilities that cybercriminals can exploit. Training employees and raising awareness about common cyber threats can help prevent human errors and minimize the risk of insider threats.

Vendors are central in helping manufacturers strengthen their cybersecurity defenses with solutions that address specific needs and challenges. Moreover, they can provide ongoing support, threat intelligence, and updates to ensure the effectiveness of cybersecurity measures.

Data management platforms also have a role to play by facilitating encryption, access controls, and threat detection. These platforms enable manufacturers to securely store and manage sensitive data, monitor for suspicious activities, and respond quickly to threats and breaches.

With the average cost of a data breach for manufacturing organizations reaching $7m, including direct financial losses, reputational damage, and regulatory fines, manufacturers are projected to spend over $82bn on cybersecurity measures globally in 2024. Generating business value from that investment requires AI cybersecurity solutions that better combat threats and close vectors to malicious actors. By leveraging Predictive AI and Generative AI technologies, manufacturers can proactively detect and prevent cyberattacks, protect sensitive data, and safeguard critical infrastructure.