The Bottom Line: Utilities must implement endpoint security and real-time monitoring for each threat surface if they are going to achieve cybersecurity and physical security objectives with a unified strategy.
Fluctuating oil and gas prices, higher operating expenses, and greater cyber and physical threats are forcing utilities to move faster on their security strategies than they planned to. The pandemic forces a challenging paradox on utilities of needing to change fast while their industry is rocked with uncertainty. They are facing cyber and physical security threats that didn't exist when designing their plant and remote location security decades ago.
Utilities Need To Move Now To Merge Cyber and Physical Security
Relying on Industrial Control Systems (ICS) that are often decades old leaves millions of new threat surfaces unprotected across the world's utilities today. Many chemical, electricity, food & beverage, gas, healthcare, oil, transportation, water services, and other key infrastructure industries are currently relying on ICS applications and digitally disconnected physical security to protect their operations. ICS was designed to deliver only reliability and uptime first, with no thought of integrating real-time monitoring of remote locations.
The gap between cyber and physical security needs to be closed now. ICS is inadequate for protecting every new threat surface and has no integration to real-time monitoring of plants and remote locations. 63% of all ICS-related vulnerabilities cause processing plants to lose control of operations, and 71% can obfuscate or block the view of operations immediately according to Dragos Industrial Control's "Vulnerabilities: 2017 in Review". There's an emerging group of companies successfully merging AI-driven cybersecurity and physical security into a unified platform, with Twenty20 Solutions providing among the most innovative approaches to solving this problem.
Utilities need to realize that every machine and device they rely on to operate is their new security perimeter. Real-time monitoring of every endpoint or threat surface provides invaluable data for keeping existing cyber and physical security systems running or choosing to re-build or new-build. The following graphic from Deloittes' Power Market Study 2030: A new outlook for the energy industry illustrates how utilities' operating platforms and accompanying security approaches need to change to stay in step with customers’ expectations.
10 Ways AI & Real-Time Monitoring Can Protect Utilities Today
Successfully merging cyber and physical security using real-time monitoring can help utilities achieve consistent operational stability for their customers, starting with no disruption to the delivery of power. Thwarting breaches at every endpoint and threat surface ensures operational stability in the short-run and earns customer trust over the long-term. Real-time monitoring enables utilities to achieve both; the following are ten ways real-time monitoring can help protect utilities today.
1. Real-time monitoring of every access attempt to a facility, machine or asset thwarts break-ins, breaches, and theft.
By having real-time monitoring enabled across an entire network, a utility will know in moments if there is a security breach, vandalism, or potential theft in progress. Alerts are sent in real-time to administrators if there is a breach is to physical assets. The threat surface can be locked down, made inoperable in seconds, further stopping damage to a utilities' remote sites or a potential cyberattack.
2. For the first time, utilities can provide least-privileged access to any location or device at any time.
Real-time monitoring combined with access-based control can give IT and information security teams the flexibility of granting specific access right privileges to the individual level for the first time.
3. Knowing which facilities, plants, machinery, and remote equipment are operating correctly and which need Condition-Based Maintenance (CBM) updates and repair. Real-time monitoring can be configured to provide condition-based data from machinery and remote equipment, in addition to securing them as a threat surface. Knowing the condition of remote machinery and equipment in real-time saves IT and Plant Maintenance thousands of hours a year as the recent McKinsey study, Smartening up with Artificial Intelligence (AI) - What's in it for Germany and its Industrial Sector? illustrates below:
4. Real-time monitoring combined with AI, specifically unsupervised machine learning algorithms, can "learn" the access behavior of remote machinery and equipment, and know the probability of theft or breach.
Combining real-time data and analytics and machine learning models can help predict which types of machinery or equipment will be the most likely to be stolen or vandalized. Having these predictive insights, utility companies can launch more powerful deterrence strategies to protect their property. Combining AI, real-time monitoring, and a continual feed of data from physical monitoring can reduce false alarms and help monitoring teams to be more effective.
5. Combining video and real-time monitoring from remote locations provides a 360-degree view of cyber and physical security for a remote location.
The future of utility security is digital, driven by real-time monitoring and the ability to develop an accurate, precise real-time view of every remote location.
6. All utility plant security systems and strategies need greater device, location, and cybersecurity designed in – not as an add-on, and real-time monitoring makes that possible.
Securing every endpoint and threat surface across a utilities' network needs to start with every plant, location, and system used to manage them. It's important for the merged cyber and physical security to be merged as a single security strategy that scales across every location.
7. AI and machine learning are enabling a new era of location intelligence and situational awareness by integrating diverse security technologies towards a common goal.
It's time for utilities to look at how they can scale physical and cybersecurity across all departments and teams of their business. Machine learning can provide a quantifiable measure of trust via a risk score that's created and updated in real-time for every user attempting to gain access to every system or physical location. Risk scores can quantify contextual trust and define which resources will be available.
8. Machine learning-based location and system access continually learns from users' behavioral patterns, context, and devices and uses the data to verify trusted user access, eliminating compromised credential attacks.
Finding patterns in how users behave and the context and devices they use to gain access to secured systems enable both greater security and more efficient customer experiences. Advanced machine learning algorithms can also define which systems and physical locations need to be accessible for a given user to do their job and for how long.
9. Risk scores and security analytics are generated in real-time using machine learning and are also used to fine-tune utility's security networks.
Real-time monitoring also helps to refine every security network and response across a utilities' network. Inbound real-time data can help to troubleshoot remote locations that are prone to false positives, false alarms, and lost time.
10. Combining real-time monitoring data with machine learning can streamline onboarding new employees by more quickly calculating their risk scores and defining access privileges. Getting new hires up to speed and providing them with the access privileges they need is made more efficient by assigning risk scores and having AI continually improve them over time. Calculating accurate risk scores is possible when there's a continuous stream of real-time data to create and train prediction models. Utility providers that use real-time monitoring and risk scoring to provide access to facilities, machinery, and equipment can help onboard new employees faster and restrict access to employees who move on in their careers.
Twenty20 Solutions is a leading provider of security, access control, automation, and more in the utility and energy fields. Contact us today to learn about how we can help you secure and streamline your utility businesses and sites today.