Why locking down your AI-powered industrial internet of things is critical

By Sadiq Iqbal (pictured), Cyber Security Advisor at Check Point Software Technologies

Generative AI, advanced machine learning and modelling algorithms… recent years have seen an extraordinary surge in the development and commoditisation of these technologies. So much so that they’ve morphed from science fiction fodder into off the shelf solutions, in little more than the blink of an eye.

In 2024, Australian businesses are alive to the ways in which they can be harnessed to make their existing internet of things (IoT) arrays more valuable – from optimising operational efficiencies to offering predictive capabilities and paving the way for more strategic decision making.

Unpacking the compelling use cases for AI-driven IoT

In manufacturing, for example, AI-driven predictive maintenance has ceased to be about mere fault detection. These days, it’s focused on understanding the usage patterns that lead to wear and tear and, as a result, being able to extend the overall life of plant and equipment.

Meanwhile, in supply chain management, Artificial Intelligence (AI) algorithms have moved beyond basic stock control to offering real time tracking and predictive analytics for efficient inventory management, and a more responsive approach to fluctuations in demand.

Another crucial aspect of manufacturing, quality control, has been revolutionised by AI’s ability to perform high precision inspections in the space of a few seconds and minutes; work which might previously have taken human beings many days to complete.

And understanding the dangerous downside…

That’s the upside and it’s gloriously apparent. The downside? This advancement brings with it complex security challenges.

Because as AI drives industrial IoT to new frontiers, it simultaneously broadens the attack surface, by introducing a host of new risks.

When highly complex IoT ecosystems meet AI’s data intensive nature, vulnerabilities that can be exploited by bad actors open up. These range from unauthorised access to sensitive data to the potential hijacking of networked industrial systems, a la the dairy and beverage giant Lion Nathan. After falling victim to a ransomware attack in June 2020, the company suffered a partial IT outage which halted the production of milk and beer.

The Federal Government is taking the issue seriously with new proposed cyber security legislation which covers a range of policy indicators, including mandating secure-by-design standards for IoT devices. The uptick in recent legislation has also resulted in penalties for Australian companies resulting from derelict cyber security, even if this is due to a failure with a third-party company in their supply chain.

Tackling the challenge

Mastering these nascent security challenges calls for a multi-faceted approach.

Robust cyber security protocols that have been specifically tailored for the IoT environment are a must. For comprehensive protection, it’s essential they include regular updates to security algorithms, secure data encryption methods and stringent monitoring for intruder activity.

But reactive measures alone are unlikely to suffice. Forward thinking organisations will want to ensure they remain on the front foot; anticipating threats and mitigating risks as they’re emerging.

Advanced cyber solutions based on the principles of zero trust and zero tolerance are critical, if every component within an IoT eco-system is to be verified as secure.

So are advanced training for all personnel with exposure to IoT arrays, and stellar cyber-hygiene practices across the board – think regular system updates, thorough risk assessments and continuous monitoring for potential vulnerabilities.

Given what’s potentially at stake should systems be forced to shut down, investing excessively in hardening security posture is well-nigh impossible.

Towards a smarter, safer future

As AI continues to evolve, its potential to effect improvements in the industrial sector is almost limitless. New levels of creativity and efficiency are there for the unlocking, for local organisations that manage to marry it effectively with the IoT networks used to run complex manufacturing and distribution processes.

Cyber practices and programs to protect these game-changing high-tech assets are no discretionary purchase; they’re an ongoing investment in productivity, profitability and business continuity that no enterprise can afford not to make.