The ever-evolving technological landscape we all now live in throws up both benefits and challenges for those tasked with defending our most important utilities, networks and systems, and 2018 could well be the year we see previously theoretical attacks involving artificial intelligence (AI) or automation technologies realized.
Aside from new technologies, there are several other challenges facing the protection of infrastructure throughout 2018 and, in this article, we’ve created our list of five of the most prominent challenges facing critical infrastructure protection in 2018.
New Threats
As our means of protection evolve, so do the ways in which they could be vulnerable or used against us. Remote access methods have shown this previously and artificial intelligence and automation may be about to do it again.
In the case of AI, cybersecurity is a big deal. According to a recent research survey, 91% of security experts are worried they’ll soon face AI cyber-attacks. Most are also concerned about AI being used to create even more advanced forms of malware that could prove almost impossible for humans to stop.
While there are no reported cases of AI being used in a cyber-attack, critical infrastructure will need to be prepared for scenarios such as this. Physical, digital, and human resources will need to be deployed and managed intelligently in order to prevent or mitigate the damage of an attack such as this.
AI is just one of several emerging technologies that could create new challenges for protecting critical infrastructure in the future. Automation is both a threat and a key solution for defending against AI or automation-based cyber threats and currently serves many different roles in cybersecurity systems across the world.
Refining protection for these systems will likely be the difference between security and vulnerability.
Increased Connectivity
With more and more devices, tools, equipment and now vehicles connecting to each other with the help of the Internet of Things (IoT), would-be attackers can now pick and choose from a plethora of entry points to critical infrastructure systems.
The ever expanding IoT has given us more intelligent “things” as well as increased the number of attack vectors available to hackers.
Cyber-attacks against control systems, for example, have risen significantly due to their connectivity with other system elements and, with more and more devices flooding into the market every year, these sorts of breaches look destined to grow increasingly common.
With next gen wireless communication technologies like 5G hanging on the horizon, critical infrastructure is likely to become even more integrated and connected over the next few months and years.
One of the biggest challenges in protecting critical infrastructure will be ensuring this doesn’t make these systems any more vulnerable and that all connections are adequately secured.
Bespoke Requirements
Arguably, one of the great things about modern advances in both physical and cyber security is that, in certain situations, the same solution can be applied to different industries or circumstances and be just as successful. Facial recognition in modern surveillance cameras, for example, has multiple uses and roles with a wide variety of sectors.
However, this is not the case for every solution and, while some technologies may seem to fit on paper, slight differences in operation, management or installation can result in disastrous consequences.
With critical infrastructure in mind, this creates the challenge of knowing where best to leverage resources for the best results as well as understanding the threats each individual sector will face.
In order to overcome this challenge, particular attention will need to be paid to both physical and cyber security and protection measures and their efficacy in the roles given to them within each industry.
Bespoke requirements will need to be met in order to guarantee the highest levels of protection for critical infrastructure.
Standardization
One of the toughest challenges faced when protecting critical infrastructure is dealing with the consequences of yesterday. Standardization of parts, policies and techniques has brought with it a great many benefits and conveniences and will most likely continue to do so long into the future.
It also means that mistakes made years ago but only recently discovered or disclosed can have big implications in the future.
The recently discovered Spectre vulnerability is a good example of this and security analysts, developers, network administrators, and service providers will all need to ensure that their products, services and operations have gone through the most stringent of assessments in order to reduce the potential for such scenarios.
There are several possible ways to address this issue, such as annual reviews, analyses and inspections of existing solutions and their potential vulnerabilities and weaknesses. This could be implemented within the many predicative maintenance programs in operations today.
Collaboration
We live in uncertain times and this can often be reflected both industrially and economically. It is, however, becoming ever-more important to collaborate more freely and openly in order to overcome many of these challenges we face. Promoting and proliferating that level of collaboration is the challenge.
International threats such as cyber-terrorism or AI-controlled cyber-attacks are becoming both more common and more likely as our systems turn become increasingly digitized.
This in itself should demonstrate how urgent it is that governments, corporate bodies, NGOs, and other institutions work together in order to combat a common enemy for the good of everybody. Protecting critical infrastructure is a prime example of why this kind of collaboration is highly desirable.
There is also significant evidence to suggest that increased collaboration results in increased productivity and innovation, which could go a long way in ensuring that critical infrastructure is protected throughout 2018 and beyond.