The Industrial Internet of Things (IIoT) represents previously unimaginable opportunities for manufacturers today. From measuring what has historically been unmeasurable, to enabling continuous process improvements, there are plenty of good reasons why it’s becoming the new normal in factory environments around the world.
But this explosion in new devices and data comes with some serious security challenges to manage. With new endpoints to take care of, new traffic types to understand, and an increasing amount of “noise” to sort through in the search for bad actors, seizing the IIoT opportunity while staying secure can be tough.
That’s where AI comes in. With the ability to process, understand, and act on huge volumes of network data in real-time, many companies are looking to Artificial Intelligence to help meet this new security challenge.
We recently caught up with Andrew Tsonchev, Director of Technology at AI-powered security experts Darktrace, to get his latest insights into why AI has become such a popular way to manage IIoT security. Here’s what he had to share.
Make sense of the new noise
One of the biggest challenges of securing an IIoT-enabled environment is making sense of all the new traffic types and patterns happening across your network. You’ve got new devices talking to each other, connecting with third parties, and collecting new types of data that you’re not used to seeing or dealing with.
For network security teams, this seriously limits their ability to do their job. This is unfamiliar technology and traffic, meaning that they simply don’t know what normal behaviour looks like for them, in turn meaning that they can’t spot the malicious traffic from the mundane.
This is where AI becomes extremely useful. Using simple policies, AI can quickly understand the patterns and behaviours of new devices and traffic, and proactively identify anomalies at the earliest possible opportunity.
Instead of spending their time scouring through huge volumes of increasingly diverse traffic and connections, network teams are freed to intervene exactly where and when their attention is needed most. With this AI-powered approach, issues can be spotted and solved incredibly quickly, often before any malicious damage can be done to the network or operational technology.
AI secures and serves everyone
One of the main reasons why understanding new traffic and data types is so challenging is that the core network and IT teams are detached from the operations IIoT devices are gathering data from.
The expertise regarding this technology and how it operates lies with Operational Technology (OT) teams—the ones that work closely with it every day on the factory floor.
Using AI, the OT team can use their expertise to define what typical behaviour looks like for all of these new endpoints and bits of connected machinery. With that done, the OT team won’t need to spend anywhere near as much time concerning itself with security as it would without the AI functionality in place.
The AI learns from both the IT and OT teams, and ensures that network traffic and potential security threats are handled in a consistent way as defined by both those responsible for the core network, and those responsible for the operational tech.
As a result, there’s less need for IT and OT teams to collaborate closely to maintain day-to-day security, less need for people’s job roles to change, and more time for everyone to focus on doing what they do best.
As manufacturers work to tackle the cultural challenges that embracing IIoT represents, the ability of AI to act as a central source of knowledge and consistency based on everyone’s input will prove invaluable. When applied well, it can bridge the gap between the teams, and underpin a holistic approach to IIoT security that protects the core network, intellectual property, and newly-connected operational tech.
Find out more
Learn more about securing the factories of the future by downloading our new insight paper now. Inside you’ll find more expert viewpoints and advice, designed to help manufacturers just like you become more resilient against the threats targeting today’s hyperconnected factory environments.