Skip to main content

William Ruh: What the Rise of Industrial Internet Means for Cyber Security

William Ruh GE
October 23, 2014
Security isn’t what it used to be. Thirty years ago, it was a fence with a locked gate and a guard posted outside a data center. Today, it’s a multi-layered strategy encompassing people, processes, devices, sensors, machines, systems and networks.

As the world’s markets rapidly evolve into complex hybrids of physical and digital assets, cyber security is increasingly critical as a stabilizing force. It is no longer an esoteric art practiced mainly by rival intelligence agencies and giant corporations — it has become a basic necessity of everyday life for any business.

Let’s take a brief look at how the rise of operational technology (OT) is upping the ante for cyber security. OT is the beating heart of automation — it’s what enables companies to run vast operations from fleets of machines to manufacturing plants and power grids.

Unlike traditional information technology (IT), which is designed to run in pre-set cycles, OT has no off-switch — it’s constantly “on,” 24/7/365. The platform for OT is the Industrial Internet. And the Industrial Internet is what enables everything to connect and operate the way it was intended — on schedule, reliably, efficiently, safely and securely. At GE Software, we find the intersection of OT and the Industrial Internet both extremely exciting and incredibly challenging.

A major part of the challenge is safeguarding OT and the Industrial Internet. As a modern society, we simply cannot approach OT security the same way we approach IT security. Globally, we need to rethink the entire cyber security paradigm. For many valid reasons, the focus has been on protecting data that moves on consumer networks. Now we need to shift our focus to the wider and more complex universe of industrial networks.

At Wurldtech, which was recently acquired by GE, we believe in a three-pronged approach to cyber security in the Age of the Industrial Internet:

  1. Assess — Discover anomalies, then identify and assess the root cause of the associated vulnerability.

  2. Protect — Deploy solutions that quickly and seamlessly protect networks of unpatched devices against specific industrial vulnerabilities, and train staff to improve cyber security awareness.

  3. Certify — Develop and promote professional certifications to ensure that best practices are followed rigorously for device security and development.

We’re also applying Big Data analytics to discover patterns of behavior that might indicate potential cyber threats or uncover potential issues that have gone unnoticed. Additionally, we’re enlisting our Brilliant Machines. For example, we’re working on ways for our machines to identify the people around them and to “know” which individuals are authorized to access, adjust or use them.

The rise of OT and the emergence of the Industrial Internet have fundamentally changed the way we look at cyber security. As the essential goods and services that we associate with our daily lives — electricity, natural gas, telecommunications, healthcare, transportation — become more reliant on automated systems, the need for a more robust approach to cyber security will become increasingly clear.

Top GIF: Video courtesy of GE Datalandia

William Ruh is Vice President of GE Global Software