- Increasing connectivity and complexity in operational technology systems pose growing cybersecurity challenges for critical infrastructure.
- While AI offers potential benefits, both defenders and attackers are leveraging its capabilities, highlighting the need for vigilant monitoring.
The second Honeywell Connect event highlighted many of the same themes from the first show last November: Emphasizing digital transformation to improve operations, intelligence and make workers more efficient and safer. This time, with the show in Dallas rather than Orlando, Honeywell’s emphasis, according to Honeywell Connected Enterprise president and CEO, Kevin Dehoff, is about learning from their customers and using those lessons to improve the future regardless of industry.
“It’s a unique geopolitical situation,” said Michael Ruiz, vice president and general manager for cyber innovation at Honeywell during a panel discussion. “Nation-state actors are increasingly going after critical infrastructure. Coupled with that, you have emboldened cyber hackers.”
This is in the wake of plant managers facing a reality they didn’t have to worry about a few years ago, Ruiz said. More devices than ever are connected to the internet. This received a jolt during the COVID-19 pandemic and it has made the world more connected than ever. While it’s a good thing for companies looking to improve productivity and efficiency with more information, it also means they’re more vulnerable, the flip side is this accessibility means there’s greater vulnerability than before.
“The attack surface on critical infrastructure is growing because attacks are on the rise,” said Dimple Shah, senior director of global technology and data policy at Honeywell, adding three-quarters of companies have experienced an operational technology (OT) intrusion.
Jason Urso, vice president and CTO of Honeywell, outlined three fundamental dynamics to what OT systems face:
The amount of connectivity is greater than it was a few years ago,
OT systems are getting more complex than ever before. OT networks, he said, resemble IT networks these days because of how complex they are.
Threats are far more sophisticated than ever before and the bad actors are bolder than ever.
The challenge, Urso said, is trying to know the situation in real-time.
AI’s potential looms—for good and bad
Artificial intelligence (AI) has become a major topic of discussion thanks to the ubiquitous rise of ChatGPT and other tools. AI is not a new idea or tool for manufacturers, but it’s use—and perhaps even dependence—is growing. AI can help enhance cybersecurity by providing better information and tools for companies to defend themselves.
However, they’re not the only ones using AI.
“AI is fantastic for us, but the bad actors are using the same kinds of tools,” said Chase Carpenter, chief security officer for Honeywell. “This underscores the need to get in and understand all these assets and potential attack vectors. We need to monitor, monitor, monitor.”
Ruiz agreed, saying, “What do we need to build to help our customers? How does generative AI and large language models (LLM) models help? Increase the capabilities to defend, but it also helps the attackers launch their attacks, as well.”
Shah said of the cybersecurity threats manufacturers face: “Cybersecurity threats know no borders. They will attack from anywhere.”
Chris Vavra, web content manager, CFE Media and Technology, email@example.com.