Protecting IT Infrastructures in Resource-Based Sectors
In a rapidly evolving digital landscape, the need for robust cybersecurity measures has never been more crucial. A recent study by Palo Alto Networks reveals startling statistics about the state of cybersecurity in Australia, particularly in the intersection of Information Technology (IT) and Operational Technology (OT).
According to the report, 82% of OT and IT business leaders in Australia reported facing a cyberattack in the past year. This alarming figure underscores the urgency for effective strategies to combat these threats.
One promising approach is the use of AI for defensive purposes. Eighty percent of respondents recognise its potential, with the most effective approach currently being "guided recommendations" assisted by an AI Co-Pilot.
AI models can analyse large datasets containing performance and device telemetry to recognise when network and security assets are nearing capacity or experiencing malfunctions. This proactive approach can help prevent potential issues before they escalate.
The convergence of IT and OT systems creates a unique challenge for organisational security. OT systems, which control physical processes and machinery, prioritise reliability and longevity, often operating for years or even decades without major changes. Integrating new technologies into these systems can be technically challenging due to the inherent differences between IT and OT.
However, there are strategies that can help bridge this gap. Adopting "secure by design" principles, a standard in modern IT security practices, can be beneficial in the OT realm as well. This approach involves building security measures into systems from the ground up, rather than adding them as an afterthought.
Fostering collaboration between IT and OT teams is also crucial. This collaboration can help bridge the knowledge gap between the operational needs of industrial systems and the dynamic landscape of IT security.
Predictive AI can be leveraged in cybersecurity to identify patterns of behaviour at the network and endpoint levels. It can also be used to match Tactics, Techniques, and Procedures (TTPs) utilised by malicious actors at various stages of their campaigns.
The next evolution of predictive AI in cybersecurity and operational technology lies in automation. Palo Alto Networks expects the precision of automated decisions to become reliable enough for autonomous actions within the next five years. This automation could potentially revolutionise the way we approach cybersecurity, making it more proactive and efficient.
Despite these promising developments, there are still challenges to overcome. Only 14% of respondents said their OT and IT teams were aligned, and 40% described the relationship between OT and IT as frictional.
Organisations in the resources industry are among the top global targets for cyberattacks. The increased use of digital technologies in this sector underscores the need for robust cybersecurity measures.
In conclusion, the intersection of IT and OT presents a unique set of challenges, but the potential benefits of AI in cybersecurity are clear. By fostering collaboration, adopting secure by design principles, and leveraging the power of predictive AI, we can build a more secure future for our digital infrastructure.
