Questions on AI in OT & ICS Security
Dale Peterson
ICS Security Catalyst, Founder of S4 Events, Consultant, Speaker, Podcaster, Get my newsletter friday.dale-peterson.com/signup
Unsurprisingly the largest category of submissions to S4x25 CFP have been AI related. Almost all of these submissions could have been written by generative AI.
A paragraph or three on how AI is an important, fast growing technology that will have a major impact on OT & ICS security.? The concluding sentence ... in this session we will present lessons learned, how AI will be used by ICS defenders and attackers, and what actions you should be taking.
These presentations aren't wrong or bad. It's just that I've attended so many conference sessions and webinars, listened to podcasts, and read articles that provide this big picture view. I imagine many readers and certainly the most S4 attendees feel the same.
We had the same issue this year, and I was pleased with the session gems we were able to pull out for S4x24 from numerous proposed sessions.
领英推荐
The bar is raised every year at S4. Despite the deluge, we haven't accepted one AI focused session for S4x25 yet. We have some maybes that are the best of what's been received, and we have numerous requests out for more specifics from submitters. I expect one or two of the submissions will eventually result in a S4 session as we get more information and focus the content.
It's time for a different approach to get AI related sessions for S4x25. Here are some questions I have and am looking for answers to:
If you can answer these please submit to the CFP. If you don’t want to speak at S4, tag me in your article or podcast or webinar.
Industrial Cybersecurity Practice Leader | Critical Infrastructure Protection Executive Advisor | Industrial Cybersecurity Innovator | Industrial Intelligence Platforms Champion | Engineering Solutions Architect
2 个月Love it! Thanks for sharing these insights Dale Peterson. This perfectly captures the current state of the ICS/OT cybersecurity market. I'm not surprised at all. Lately, we've seen a significant shift, with many IT cybersecurity professionals suddenly transitioning to OT and quickly claiming expertise. Now, if you look at social media and other platforms, it seems we have more OT cybersecurity professionals than IT ones. With all the hype around AI, it's no wonder most of the topics you're receiving are AI-related—everyone's suddenly an AI expert! I wouldn't be surprised if next year, most of the submissions will be around quantum computing in ICS/OT cybersecurity! :)
The most interesting development in AI that I've seen recently came from MIT: https://airisk.mit.edu/ I think this could be useful in a future release of SAG-PM to identify risks in AI products. More risk factors to add to the SAGScore equation.
Begun work on my 2nd book. This one is focused on insurance and cyber. 1st book: “Stone Tablets to Satellites: The Continual Intimate but Awkward Relationship Between the Insurance Industry and Technology".
2 个月AI ? What AI Technology Application(s) do you have in mind? GenAI? Recognition Patterns ? (Face, Voice, Fingerprint, Retina, other?) Machine Learning? Virtual Assistants? Other?
OT, ICS, Sec, SCADA and Other Assorted Acronyms
2 个月Always appreciate the fact that you're trying to raise the bar at S4. Everyone wants interesting, engaging talks; but I do wonder if your questions are getting at a bigger inherent issue. What if the answer to what's useful and valuable (what questions 2 and 3 are getting at) isn't all that interesting to watch on a stage? Most people I speak with seem to be struggling scaling internal programs or rolling out initiatives with limited budgets. In this case AI for OT Security probably should be used to save time, scale labor, and reduce monetary expenses. But I'd imagine solutions that drive value in our world are a lot closer to automated checklists than the Cheetos talk from last year....
Sr. Control Systems & Instrumentation Engineering Professional I Functionally Safe & Cyber Secured Critical OT Infra Engineering Specialist I IEC 61511 FSE Certified TUV I ISA99/IEC 62443 Certified Fundamental Specialist
2 个月First of all, I fully agree with Sinclair analogy that AI should not be a disruptive event respecting the core PSM foundational requirement i.e. functional safety (SIS) and process control systems (BPCS) independence. Secondly, from asset owner's perspective I would like to highlight that while considering critical infrastructure technical authority decisions, evaluating any vendor's AI claims should go beyond marketing buzzwords considering the fact OT should focus on specific, incremental benefits rather than abstract futuristic promises.? 1- Asset owners need transparency regarding data sources, model accuracy, and real-world testing. 2- Vendors should provide clear evidence of how their AI solution will evolve over the short/mid term in an industrial environment. 3- Regular auditing of AI models and ensuring the adaption to evolving operational and cyber landscape. Without any doubt the key for Asset Owners in this context will be in balancing innovation with a commitment to safety and risk management.