AI’s growing role in securing critical infrastructure

By Les Williamson, Regional Director Australia & New Zealand, Check Point Software Technologies

At a time when cyberthreats are growing in both number and severity, Artificial Intelligence (AI) is becoming an important part of the IT security landscape.

A recent report from Check Point Software Technologies research highlights the urgency of this trend. Between January and August 2024, the utilities sector – which encompasses critical infrastructure – ranked fifth in terms of the average weekly global cyberattacks per organisation with 1,514 attacks reported each week. This represents a 37% rise compared with the same time last year.

As the threat landscape evolves, AI offers a powerful tool to bolster defences, providing rapid, accurate detection and response capabilities. At the same time, a report from the Tech Council of Australia noted that Generative AI (GenAI) could add $115 billion to the Australian economy annually by 2030.

AI-driven threat detection

The integration of AI into critical infrastructure marks a shift from traditional cyber security methods to a more dynamic, proactive approach. AI’s ability to process massive data streams in real time enables organisations to detect anomalies and potential threats faster than ever.

Machine learning (ML) algorithms can continuously evolve, adapting to new threats and learning from past data, which helps keep systems one step ahead of cybercriminals. For sectors like energy, water, and transportation, AI-driven solutions offer an essential layer of protection.

For example, AI is used to detect subtle indicators of compromise that might be missed by conventional systems, allowing security teams to respond to threats before they escalate into significant disruptions. This is crucial for ensuring the uninterrupted operation of services such as power grids, water supplies, and public transit systems.

Enhancing security automation

AI’s impact extends beyond just threat detection. It also plays a crucial role in automating and orchestrating cyber security processes. In many critical infrastructure environments, AI systems can autonomously investigate alerts, correlate data from various sources, and initiate appropriate responses.

This level of automation not only accelerates the response time to cyber incidents but also reduces the burden on human operators, allowing them to focus on strategic decision-making and complex threat analysis.

By automating routine security tasks, AI enhances the overall resilience of critical infrastructure against cyberattacks. It ensures that even during high-stress situations, such as large-scale attacks or system failures, key operations remain functional.

As cyber threats become more complex, AI’s ability to streamline defences and co-ordinate responses is a valuable asset for protecting essential services.

A double-edged sword

It should be remembered, however, that generative AI presents both opportunities and challenges in the area of cyber security. On one hand, it can aid defenders by analysing code, identifying vulnerabilities, and synthesising threat intelligence. For instance, generative models can rapidly scan software for weaknesses and suggest fixes, helping to close security gaps before they are exploited.

However, generative AI also provides new tools for adversaries. Hackers can leverage AI to craft more sophisticated phishing schemes, generate new malware variants, and discover previously unknown attack vectors.

This dual nature of generative AI necessitates a proactive and adaptive approach to cyber security, especially for critical infrastructure operators. As the capabilities of AI evolve, so too must the defences designed to counter these emerging threats.

Building holistic defences

To address the challenges posed by AI-powered attacks, many organisations are adopting a ‘converged cyber-AI’ approach, which integrates AI throughout their entire security infrastructure. This strategy allows for the development of comprehensive defences that can anticipate, detect, and respond to threats with greater speed and accuracy.

By utilising AI-native architectures, critical infrastructure providers can build robust systems that protect against sophisticated cyber adversaries. These architectures enable better coordination between AI tools and traditional security measures, creating a multi-layered defence that is well-suited to the evolving threat environment.

As a result, organisations can not only defend their systems more effectively but also reduce the overall risk of cyber incidents that could disrupt essential services. 

Transforming operational efficiency and reliability

Beyond cyber security, AI is also transforming the operational side of critical infrastructure, enhancing efficiency, reliability, and sustainability. In the energy sector, for example, AI plays a crucial role in managing smart grids by predicting energy demand patterns, optimising distribution, and integrating renewable sources. This not only reduces waste but ensures a stable power supply even as demand fluctuates.

Predictive maintenance is another area where AI is making a significant impact. By analysing data from IoT sensors and other sources, AI can predict when equipment is likely to fail, allowing operators to perform maintenance before issues arise.

This reduces downtime, lowers maintenance costs, and extends the lifespan of critical components. In transportation, similar approaches are being used to maintain railways, highways, and public transit systems, ensuring that they remain safe and operational.

As the digital landscape continues to evolve, integrating AI into the protection of critical infrastructure is no longer optional – it is a necessity. Indeed, the Australian Federal Government’s 2024–25 Budget allocated AU$39.9 million over five years for the ‘development of policies and capability to support the adoption and use of AI in a safe and responsible manner’.

The benefits of the technology, from enhanced threat detection to improved operational efficiency, make it a valuable investment for any organisation aiming to safeguard vital systems.