Webinar: Top 10 Cyberattacks on Industrial and Critical Infrastructure of 2024
Days
Hours
Minutes
Seconds
Register Now

AI and Industrial Security in the Energy Transition | Episode 125

Leo Simonovich, VP & Global Head of Industrial Cyber and Digital Security at Siemens Energy, joins us to discuss AI and the industrial cyber risks and threats it poses to the digital transformation of the energy industry.

Picture of Waterfall team

Waterfall team

AI and Industrial Security in the Energy Transition

“…we have to apply a mix of different technologies including Cyber technologies. to begin shaving off our carbon foot print. So we work with customers to help them rationalize what they do with their existing fleets and how they can maximize efficiency.”

Available on

About Leo Simonovich and Siemens Energy

Leo Simonovich VP Siemens EnergyLeo Simonovich is VP and Global Head of Industrial Cyber and Digital Security at Siemens Energy. He is responsible for setting the strategic direction for Siemens’ industrial cyber security business worldwide. He identifies emerging market trends, works with customers and Siemens businesses to provide best-in-class cyber offers, and contributes to the company’s thought leadership on the topic. He is particularly focused on solving the cyber security challenge in the oil and gas and power sectors by bringing unique solutions to customers looking to address a growing and costly operational security risk. He frequently speaks on such topics as cyber governance, risk management, and organizational transformation in operational environments. Prior to joining Siemens, Leo led the cyber risk analytics practice area at the management consulting firm, Booz Allen Hamilton. He refined his expertise through his work with large government and commercial customers to improve their cyber risk posture. While at Booz Allen, Leo created an industry recognized methodology to evaluate the financial benefits of investment in cyber security. Leo holds both a Masters in Global Finance and a Masters of Business Administration from the University of Denver.

Siemens Energy is located in 90 countries and operates across the whole energy landscape including conventional and renewable power, grid technology, energy storage, and electrifying complex industrial processes. Their stated mission is to “support companies and countries with what they need to reduce greenhouse gas emissions and make energy reliable, affordable, and more sustainable.”

Share

Transcript of this podcast episode #125: 
AI and Industrial Security in the Energy Transition | Episode 125

Please note: This transcript was auto-generated and then edited by a person. In the case of any inconsistencies, please refer to the recording as the source.

Nathaniel Nelson
Welcome. Everyone to the industrial security podcast. My name’s Nate Nelson I’m here with Andrew Ginter the vice president of industrial security at waterfall security solutions who’s going to introduce the subjects and guest of our show today Andrew how are you.

Andrew Ginter
I’m very well. Thank you Nate our guest today is Leo Simanovic he is the vice president and global head of industrial cyber and digital security at Siemens Energy and our topic is AI in the energy transition.

Nathaniel Nelson
Then without further ado here’s your interview with Leo.

Andrew Ginter
Hello Leo and welcome to the podcast. Before we get going can I ask you to say a few words about yourself and about the good work that you’re doing at Siemens Energy?

Leo Simonovich
Andrew it’s great to be with you. Thanks so much for the opportunity. At Siemens Energy I lead the industrial cyber practice. and I’ve spent building I spent about 10 years building this business It’s been a wild ride. A lot has changed in the space. and we’ve innovated broad. Awesome products to market. and and before that I was with a large consulting firm who was Alan Hamilton where I did cyber risk analytics for large utilities.

siemensSiemens Energy is has been on the journey we became a standalone energy technology company covering the energy value chain. As a spinout of larger Siemens and we’re hyper focused on the energy transition and at the core of that transition is the need to decarbonize digitize and decentralize and the. That is all enabled by digital technologies and of course getting cybersecurity right? So we as a company have built a practice focused on operational technologies and industrial cyber and it is a practice that helps our customers. Get a better handle on on their industrial cyber programs and helps them get a better understanding of their risk. and helps them ultimately reduce that risk because it is just too important. if we don’t get it right. The the consequences for the environment but also for operations and abilities deliver energy are just too great.

Andrew Ginter
Sweet, um, and our topic today is artificial intelligence and of course industrial security in the energy transition. Can you start us at the beginning? I mean everybody vaguely understands the the need to decarbonize. What does What does the energy transition mean to you and and to you folks?

Leo Simonovich
Yeah for for us as a company and for me personally um, it is an existential challenge. We talk about the need to decarbonize and the abstract. We know that we need to reduce carbon footprint. But what does it really mean? Well we have a world out there. That’s pretty Complex. You got a bunch of old stuff that is aging and that’s built on Fossil Generation. You have renewables and then of course you you have the push to electrify everything and what that means is that we have to apply a mix of different technologies including Cyber technologies. to begin shaving off our carbon foot print. So we work with customers to help them rationalize what they do with their existing fleets and how they can maximize efficiency how they can install additional capacity that is cleaner.

And ultimately Innovative Technologies like hydrogen that are going to be groundbreaking. It’s an above kind of it’s an all of the above approach that that we need to take to go off to this problem and it really requires a partnership between us and and our customers.

Andrew Ginter
So that makes sense sort of, in the abstract. Can you give me some examples of  what kind of physical technology systems are are you folks working with?

Leo Simonovich
Yeah, the way to think about it is by looking at different parts of the energy Valley chain. So There’s oil and gas. There’s power generation and then there’s the transport and of course distribution of energy. We play in in all the parts of the of the energy value chain in Upstream where oil gets taken out of the ground we need to do a better job of not. Releasing carbon into the atmosphere. and there one of the big challenges of course is is the flaring of gas. The other is what happens with onsite power Generation. So our technologies help capture the carbon also produce. Onsite generation. So We’re not, burning diesel fuel For example, we can install small wind micro-grids that can produce energy right? there on site. We can combine an offshore platform with wind together and we do that in the North sea in in Midstream Of course it’s It’s about a more efficient way of transporting right and delivering electricity and oil and gas.

Leo Simonovich
And there we got to we are delivering next generation compression equipment. and ultimately energy’s got to get to homes. and we we have to have a grid that doesn’t lose power. Ah, as as that electricity gets gets transported. So We deliver software we deliver transformers. and we deliver metering equipment to help our customers utilize their electricity in in a more efficient Way. So when the sun shines. It’s great. and we we can deliver electricity straight to homes and the wind blows. but sometimes the the weather doesn’t just doesn’t cooperate so we are. we have capture electricity through storage by applying the latest and greatest battery battery applications to help capture electricity and use it when it’s needed most.

Andrew Ginter
I had assumed that Siemens Energy was all about the power grid and windmills and solar panels and and it is all that but the examples that that he gave here were also in oil and gas. Oil isn’t found in convenient locations. It’s found generally far away and and off the grid and so you need power out there. So they’re talking about about windmills and solar panels and whatnot out in the boonies to support these remote installations. In addition to all of sort of the the expected so it was broader than I expected.

Andrew Ginter
industrial systemsSo that all makes sense. and our topic is AI and eventually industrial security in the energy transition. Can you talk about? AI I mean there’s chatGpt has been all the buzz I have a ChatGpt account myself I’ve been playing with it. Is that what we’re talking about when we’re talking about AI or is is AI a bigger picture?

Leo Simonovich
Yeah, you’re right? There’s so much hype around AI for for a very short word. There’s so much that so much confusion comes with it. I think for your listeners, they probably know AI as the latest and greatest innovation which is ChatGpt. we all use it to ask a question. We all use it to plan our dinner menus. The reality is that in industrial context artificial intelligence has been used for some time to do things like help us find the the biggest reservoir of oil out there or to help us deal with the problem that I talked about around kind of weather patterns and anticipating what those look like and optimizing the energy system to store electricity. Those applications of artificial intelligence which is which is all about control and dispatch of energy have been around for some time they’ve been narrow and very specialized. What’s different?

Leo Simonovich
Well, with with scalability of compute which is getting cheaper and cheaper with advances in large language Models. We can now drive optimization in that energy system which is getting more complex. We talked about it being old. We talked about it being new. We talked about it being more complex. We talked about the need for energy increasing especially in the developing world right? So that’s it that complexity now needs to be optimized.

So that you as a consumer get the best price for your kilowatt hour and commercial and industrial companies are able to utilize energy when they need it. At the best rates artificial intelligence can do that now from a security perspective AI has a ton of problems tell you end I’ve seen the explosion of companies capabilities.

Andrew Ginter
All right, and we are the industrial security podcast can you can you connect the dots for us. What what are we worried about security wise if we’re using AI to manage demand, to manage to manage power.

Leo Simonovich
From a security perspective. there are 2 lenses through which we need to look at AI the first is AI from a business perspective. An operational perspective. What is it doing to deliver electricity. But the other is how can that AI be manipulated and what can the bad guys do to cause damage in the old world much of energy production was air gapped. But increasingly with the need to digitize and drive better efficiency Better asset management right? what we have seen is an explosion of connectivity.

And some that connectivity of course can can be managed smartly with data diodes companies such as waterfall which have an excellent product but some of it needs to be managed in a very different way.

And this is where artificial intelligence comes in the bad guys are using it to craft malware that is smarter and can cause more damage they’re using it Also to. Get into energy systems and this is a product of nation states. it makes subtle changes here’s what fundamentally and this is very important for listeners to hear here’s what fundamentally is different. How the game is changed. Malware used to be all about digital manipulation of Networks or endpoints now physical world commands are combined with digital commands and guess what happens. You can create a piece of malware that tells a turbine to spin faster or tells electricity to flow in a different direction and if you could do that at scale across multiple points in the system.

That leads to those safety in catastrophic events that we all have feared. We’ve seen some of this come out in news lately with with hackers getting into the us grid using the latest latest and greatest malware. which we have not seen previously before and I bet a lot of it was crafted using AI.

Nathaniel Nelson
Andrew in theory I can imagine AI playing an important part in cyber attacks. But the point that Leo’s making there. It doesn’t necessarily seem contingent on AI that one would make say a highly spreadable malware that causes physical consequences.

Andrew Ginter
Yeah I mean back in the day, this was thirteen or fourteen years ago, stuxnet hit. It was the big news back then far as I know that kind of code would have been written by hand. And common wisdom back then and even today is that writing that kind of code is very difficult. It takes it takes an expert. in in sort of stepping back for a moment in terms of of attacking industrial sites.  The sort of the common terminology is there’s stage one attacks and stage 2 attacks. Stage one is where you get into the IT network with a phishing attack or with a fake website or something. AIs like chatGpt have been described by researchers as a useful tool for generating phishing emails, for generating credible written content to deceive victims. That’s stage 1. Stage 2 is producing the code that’s going to connect to the PLC and create a new firmware for the PLC that bricks the PLC. That’s being seen as as much harder and there’s research going on in the space.

Andrew Ginter
I cannot name names at this point but I have been talking to people in in private. who are looking at using AI for stage, 2 attacks and the question they’re asking is bluntly can a script kitty someone who knows almost nothing but knows how to use AI can a script kitty produce. Let’s say Stuxnet is the question and thus far the answer seems to be no, you actually have to know what you’re doing but the bad so that’s the good news. The bad news is that the research thus far suggests that. If what you’re doing AI can speed up the process of creating a credible stage to attack enormously. We’re talking huge advantages for the for the adversary here.

Nathaniel Nelson
It’s a tricky thing because on one hand it just seems so obvious that in the near future attackers will be able to write that stage two malware using AI but on the other hand at least from what I’m hearing and I’m not out in the field every day. Practicing this stuff so I can’t say but AI has been a thousand percent more useful for cyber defenders thus far I mean whether it be antivirus detection response. What have you? we’ve been using ai in a way that attackers just haven’t for a while. So the notion that. This is some big problem that’s awaiting us sort of it’s it’s the reality versus the the theory for me am I wrong.

Andrew Ginter
Um, no, there’s there’s all sorts of stuff going on. fundamentally in the stage 2 world. The the question is one of writing code and there’s a huge industry out there in the world for writing good code. Writing word processors writing operating systems writing web servers. so there’s a huge industry focused on producing and optimizing AI that will produce code more efficiently for all of the world’s software vendors. Um. And again I haven’t been tracking this but just to give you sort of 1 example, a taste of what’s possible. I’m aware of chat gp has its limitations like I said I’ve been using chat gpt it it makes stuff up. It’s it. It has limitations but here’s the thing. Um. There’s a lot of different Ais in the world and what we’re seeing increasingly is these Ais in a sense daisy chain together now again I I haven’t done this so to a degree I’m making this up but imagine an ai that’s focused on understanding. written documents about you know. Plc communication protocols and turning them into code and it produces crappy code and then you pump that code into an ai who’s that’s focused on detecting common programming errors and then you pump the output of that.

Andrew Ginter
You know into an an AI that’s focused on using that knowledge to correct the programming errors given the original specifications and you pump that into an AI that’s focused on it’s optimized for packaging code into modules into downloadable components. And you pump those modules into an AI that’s focused on integrating the components into a comprehensive. this is happening. this kind of thing is happening and these Ais are not static. Chat Gpt is not the end. It’s the beginning and so in my estimation. The job of creating stage 2 attacks is getting much easier over time.

Andrew Ginter
So so that’s scary stuff. I know there’s a lot of researchers out there playing with the stuff and if the good guys are playing with it. You can be sure the bad guys are playing with it. can you go a little deeper What what’s possible.

Leo Simonovich
Yeah, well your imagination can can run wild but what we have seen in working with our customers is the use of Ai. Um. To develop malware that it is frankly smarter more attuned but that combines different elements of the attack leading to consequences faster and what I mean by that is if you can begin to um. Ah, manipulate a particular process or a particular piece of equipment a valve a Plc right? and you can use do that using digital commands ran and you can combine to your point about. Kind of using multiple dimensions of attack combine multiple processes together. The damage can be can can occur at greater scale and can occur much faster believe it or not It’s easy to trip a power plant. It is and have determined shutdown There are a lot of safety mechanisms to to manage human error. For example, it’s a lot harder to manipulate a turbine or or an oil refinery.

Leo Simonovich
To cause a boom event or a safety event right? I’m tricking those safety mechanisms is what AI is really good at because it it now is able to play the chess game.

On not just on kind of a one dimensional level or two dimensional level you can play it on on a 3 dimensional level moving multiple pieces all at the same time.

Andrew Ginter
So very very nasty stuff I mean like I said I’ve been tracking some of this stuff. It’s it’s worrying. how are we doing on the defensive side. What are we doing about this? What should we be doing about this?

Leo Simonovich
Yeah, the the the consequences are real and unfortunately we will not only see more and more attacks but we will see those attacks futureuring it an AI element and this worriesries. Well. Both customers and regulators that I talk to they recognize that the playing field is changing that this technology in the industrial context again. We’re not talking about Chad Gbt is accelerating. Um. And because of that we need to get a better handle on it. So the White House. with its latest AI guidance and its cyber security strategy had specifically called out.

Leo Simonovich
the dangers of AI when applied to industrial control systems more broadly. There’s recognition for for.

Leo Simonovich
Better visibility in better tooling on the defensive side. So The Regulators now are saying what used to be that cloud in operational context was was a dirty work. How can you take operational data out. But. If we’re gonna compete with the bad guys then we need to have the same levels of compute and so the regulators are now issuing guidance around Cloud and emerging technologies and specifically the thing that they’re calling out and this is we where we Siemens Energy have been hyper Focuseds. They’re calling out the need for visibility. This is very important because if you don’t have basic visibility and understanding of your environment then it’s very very hard to know a whether you’re being attacked. B going after those attacks at speed and then C being able to recover from them and what we know for a fact is that AI is going to crease the the speed of the attacks. And we on the defensive side need to increase the speed of our response. We just need to play faster.

Andrew Ginter
So it I mean it sounds like if the if the threat is increasing because of AI basically we should expect most cyber attacks to become more capable or expect the high end to become more capable and sort of everything trickle down.

Andrew Ginter
it sounds I interpret what you said correct me if I’m wrong as we need our defenses to become more capable pretty much across the board and I have heard recently I think SANS put out in 22 a top 5 security controls for for industrial control systems sort of the not here’s everything you have to do but here are the biggest gaps on average and one of them was incident. Response. It does no good to detect incidents if you can’t respond. Ah, it has some value preventing the incidentds but you can’t always prevent everything and so you need a detection capability. You need a response capability and it’s important that we get all this right. We got to fill in the gaps to make our systems more capable. I’m putting words in your mouth but is is that what. Is that what we’re hearing here.

Leo Simonovich
For sure. we have chased the capability of detection for some time. Our approach at Siemens energy has been different. We recognize a long time ago. That you need to look both at the physical and the digital world together as a unified threat stream that there needs to be context and smarter and more proportionate response. so our our approach has been.

Leo Simonovich
To get out the context you need to get it operational data. The challenge of course has been that when you have operational data what to do with it. IT teams are not well prepared to interpret that data to to know.

Leo Simonovich
What’s a threat and what’s not a threat to understand when to take action or recommend action to the plan operators so being able to translate between the it world and the operational technology world. In a way that helps explain consequences is key because shutting down a plant is very very expensive. and yet the cost of an average industrial cyber attack in the energy sector can. Can be from when you were from a million to six million a day. It’s a lot of money and so we have to somehow play this balancing act between taking proportionate response and taking smarter response that’s informed by operational context. Right? and getting more speed I had been able to detect and recover so what else all we’re talking about it AI Andrew and but what does this all all this mean for AI right? and and what it means is that actually AI is. Really good at finding the needle in haystack in our world. we built a platform that does monitoring detection is really good when we and we have large scale models that help detect that that that subtle change.

Leo Simonovich
In the process and correlated against your NetFlow data to say some. We see something is weird. but what to do about it right? How consequential is it. We have to understand how that potential particular thread could cascade through the environment and at a system level what the impacts could be. So this is where AI can have a really important role to play because we can look at. multiple misfirings as you may call them or multiple alerts at different parts of the system or how quickly something is propagating so AI can be really powerful in all in all this contexts but taking the right approach that combines the physical and the digital world together right. Using AI smartly is key and yet let me just let me pause in just a second. and yet we have energy companies right? They’re just getting basic visibility. They’re just getting their asset inventories. They’re just beginning to pipe data into into their SOCs whereas the bad guys right? have have built a full stack of of of malware factories that are AI driven. We have to get faster.

Leo Simonovich
At becoming more mature around this topic of detection.

Andrew Ginter
So Leo’s been talking sort of at ah, a very abstract level here. he’s talked about he’s talked about finding a needle in a haystack and I like I like that analogy. we have had. Other guests on talking about anomaly based intrusion detection and correlation of alarms and using Ais in all of that. So we’ve actually had people on talking about Ais but using different words if you have. I don’t know a gigabit per second of network packets in an industrial network that you’re watching. There’s a haystack this is a gazillion package coming by every second and the AI is asking. The question are any of these messages are any of these patterns of messages. Indicative of an attack and you can do it signature-based you can say I recognize that message that message is always an attack and raise an alarm or you can do it anomaly based which is looking at sort of patterns of messages and saying this is an unusual pattern. No idea what it is raise an alarm. It might be an attack because it’s different because it’s unusual so this kind of AI has been used forever. The same thing’s been used in in sems in security information and event management systems in your your security operation centers. They get millions of alerts of you know.

Andrew Ginter
Syslog messages millions of messages per day. from 150 of your plants and again they’re looking at this haystack and saying do any of these messages add up to an attack I mean some of them are obvious you are under attack exclamation Mark. out of 1 of your intrusion detection systems but others are Fred here just logged in from India he lives in North America and he logged in 10 minutes ago from North America as well and you can put together. weirdness like this. So um. we’ve been talking about this for for some time now. We’ve never gone into detail I would I would welcome a guest coming on talking about how the AI under the hood of correlation engines and anomaly detection engines actually work I mean I’ve heard words like Bayesian and I have no idea what they mean um. So I’d I’d love to have people on someday explaining how those ais work but the whole the whole concept of Ais on the defensive side finding needles in the haystack. Yeah, this is this has been done for a while and and it’s it’s going to get bigger. There’s going to be more of this.

Andrew Ginter
So that’s a great introduction. we we see the the application we see the problem. we see some some hints towards solutions. let me let’s get specific I mean Siemens energy is active in this space. Can you say a few words. What do you guys have? What do you guys? do? what? what can people call on you for in this in this problem area.

Leo Simonovich
Well, we’ve we’ve been on a journey in our thinking around operational technology AI has really evolved a a bit of self-reflection.

We siemens it was our plcs that were impacted by Stuxnet. We saw the subtle manipulation of process. and that event was a wakeup call for us to get serious about.

Industrial cyber and operational technology. This was a while back of course a lot of water under the bridge. yes, we had to get serious about product security and we we we hired almost 2000 people around the world to to support us product security managers folks in incident response. Folks that deal with vulnerabilities and guess what the world around us at the same time was changing and it’s changed a lot. it’s become more digital as we’ve talked about it’s become more interconnected we become more dependent on our customers.

And we recognized that it wasn’t just about securing the box What we needed to do was secure the operating environment the whole operating environment whether it was our stuff or somebody else’s stuff. the customer just needed help and. They were figuring things out at the same time as we were. We just had a little bit of a head start so we developed a practice in industrial cyber security focused on this problem of visibility that I’ve talked to you about we recognize that that. Going after the visibility problem from a technology perspective doesn’t necessarily make us safer because everybody talks about their latest and greatest Silver bullet or or their best detection box What we saw is that there was also a human capital challenge. In this space that there were not enough folks cross-trained in control systems and networking Insec security and now increasingly data science Those folks. Are still very rare. So What we’ve done is we built a business and a practice in this space. what we offer to customers is fundamentally. Um.

We are the trusted advisor. We don’t know when I have all the answers. but we’ll figure it out together and we’ll be there with you along for the ride because as digital technologies get introduced as there’s a lot of hype around AI as the threat landscape changes and the number of attacks increases exponentially we will be there as we have for one hundred and twenty years and so we’ve built a consulting practice a managed service practice. we built some proprietary technology around around detection but ultimately what we do is we build bridges between it teams and o team teams to work with one another because it it is going to take that into disciplinary approach and we hope to be in the center of it with our customers.

Andrew Ginter
Thanks for that. can I ask you? sort of a basic question. We’ve talked about the problem we’ve talked about some solutions if we’re starting at zero – I mean we’ve we’ve got an energy customer. Do these customers. Know how much AI they’re using. Do they know how much AI is coming after them. do they know how much trouble they’re in from from both ends of it and whether they don’t or not sort of what are the first steps. How do they get started dealing with this this new threat?

Leo Simonovich
Well AI, there’s a lot of hype around it and I think there’s general awareness now within security teams both on the I t side and the ot side that AI holds a lot of promise. but could also be used for very very bad things. on the ot side in particular I said there’s a lot of skepticism. And the reason is is because the plan operators need to. Ah. Ah, be able to unlock the black box that AI think to understand it. Maybe it’s an engineering approach and engineers. You need to kind of understand what’s happening you need to be able to understand the methods you need to be built to kind of. Trace the logic and so when I talk to security folks within implants they’re they’re skeptical of the latest and greatest tools. and they want to know how do you detect something? What is his Bayesian belief sounds very fancy. But if I can’t even do the basics. Why should I go after this problem so there’s both skepticism and desire and there’s one more thing which is the chief digital officers chief innovation officers the boards.

Are telling security teams. You gotta you gotta give me use cases around AI both on my business side and the security side and I know some customers that need to deliver a use case a week to the board. That’s how closely to be monitor if you think about that. Um. so sleepy giants are that have been doing things the same old way extracting pumping oil the gown the last fifty years the same old way are now being called to innovate in this space and then there’s kind of the middle of the pack folks that are, that fear they’re gonna be left behind and and then there’s the small, the small guys and by the way those represent if you look at the United States right 3500 utilities once you get outside the 2 top 200. Everybody’s small kind of mom and pop.

Community distribution facilities power plants those folks don’t even know how to get started and to get to your question of how you get started I think. The basic question that one should be asking is first and foremost what is important to me. What are the assets that are key that I need to get a handle on be able to understand the risk understand the vulnerability understand the exposure. Monitor it and then build an AI layer around it by the way those 2 things are very closely correlated. The the assets that are really important to be monitored assets that could benefit from applications of AI assets that attract. The bad guys and assets were a security AI use case is really valuable. So the first step is asking. What’s important the second step is figuring out what data needs to travel to be able to get a basic context and then the third step is the step that I call kind of advanced detection where AI needs to play a role in understanding.

Not just basic characteristics of a particular process or particular asset but kind of 3 dimensional behavior of of production right? And the manipulation of that to cause that boom event that you and I Andrew talked about.

Andrew Ginter
So Leo this has been enlightening a little distressing but but enlightening thank you for joining us up before we let you go can I ask you to sum up for our listeners. What what should we be taking away from all this complicated space.

Leo Simonovich
Yeah, well first of all, it’s not. It’s not all doom and gloom. There’s a lot of anxiety around this topic. but it’s definitely a journey there trust the partners that can help you don’t get wrapped up in the hype and the chase for the use cases just because the board is asking take a more measured approach to get a basic handle of your environment. AI will come. Wait. There’s steps that you can take both around the business side the operational side and the security side to to measure whether AI can benefit you. It’s not a that the it’s not a down the line thing. However.

Most folks will say I’m not mature enough and therefore I should not dabble that the reality is this technology is getting too good and the gap between the defenders and the attackers is really widening and so time is short. So don’t wait till you get. other aspects of your Ot Cyber Security program I begin to dip your toes into this space start by building some of these detection models start by picking assets that are important to you and. Getting a better understanding of of their behavior. And then ultimately look out for the regulation that’s coming down the pipe and work with your suppliers. To make sure that you can demonstrate that you are taking smart steps to better prepare yourself for what’s going to be an exciting future. in one where I think ultimately the good guys will win.

Nathaniel Nelson
Andrew that was your interview with Leo Sooneovic AI is a big topic in cyber security everywhere today. do you have any final thoughts about the subjects to close out our episode.

Andrew Ginter
Yeah I mean thinking about this a couple of things 1 is that that historically five years ago AI was sort of the anomaly. There was a little AI in the detection algorithm there was a little bit of AI sprinkled here and there increasingly you know. AI is everywhere. and in the industrial space I think we all need to get used to the thought that AI is our future. what is what’s the number 1 investment that people make routinely in industrial processes. But that engineering teams make routinely they make investments to make the process more efficient. One of the ways you make processes more efficient is that you make decision making about the process more efficient, more accurate more effective faster I think AI is essential. In that process AI is going to be essential to all of us to be making our processes more efficient and this is just on the the in a sense the mechanical side just doing things on the cybersecurity side. the bad guys I’m sorry they’re investing in making their attacks more efficient. As well and so on the defensive side. Yeah, we’ve been doing stuff in sort of intrusion detection for a long time I think we need to get used to. We need to invent ways to use AI to make our defenses more efficient. everyone.

You know, bad guys and good are using AI to make everything more efficient I don’t think we can ignore this anymore I think this is this is this has to become sort of the the common language the common wisdom of the space going forward. So I’m I’m grateful to Leo and I look forward. Fortunately, or unfortunately to thinking about AI a lot more in the years ahead

Nathaniel Nelson
Yeah, it feels like a topic that we might have more episodes about in the next few years than we have in the past few even though we have covered it at times anyway, thank you to Leo for bringing that up with us and Andrew is always thank you for speaking with me.

Andrew Ginter
It’s always a pleasure. Thank you Nate.

Nathaniel Nelson
This has been the industrial security podcast from waterfall. Thanks to everybody out there listening.

Stay up to date

Subscribe to our blog and receive insights straight to your inbox