Securing Critical Information Infrastructures and Systems

Dr Yehonatan Kfir

Chief Technology Officer, Radiflow

At one of Asia’s largest real estate groups, estate managers had the onerous task of managing multiple properties across a global portfolio of commercial buildings, industrial parks and residential estates.

Even with the help of building management systems (BMS) to handle everything from access controls and elevators to heating, ventilation and air conditioning systems, overseeing multiple standalone systems is complicated.

So we designed a system which integrates these BMS sub-systems into a seamless one-stop monitoring network. Here, building managers can easily control and view the status of all the critical systems that keep buildings running.

But beyond ensuring that the systems function reliably, these sites also need to be protected from hackers who can wreak havoc on the properties remotely.

Smart Cybersecurity for Smart Infrastructure

We have witnessed many examples of massive data breaches and cyber-attacks in recent years. With growing industrialisation, increased digital flows and a push towards Industry 4.0, the deep connectivity of such information and control systems inadvertently places them at greater risk of multi-vector cyber-attacks.

Today, BMS, Industrial Automation and Control Systems (IACS) and Supervisory Control and Data Acquisition (SCADA) systems play a central role in running everything from industrial machinery to critical services. These systems are essential in helping different machines and sub-systems work together.

While such industrial automation boosts productivity and efficiency, the risk of cyber-attacks has never been greater as more systems get interconnected.

Take critical infrastructure such as rail networks that run on Command, Control and Communications (C3) systems – train systems rely on IACS and SCADA to ensure that commuters are shuttled from one place to another safely. Power stations and water processing plants also count on similar control systems to keep the power grid and taps running.

To protect lives and national security, we have developed the next generation of automated industrial security monitoring systems that are powered by Artificial Intelligence (AI) and data analytics.

Automatic Detection and Monitoring

Like a sentinel on the lookout for malware and ransomware, our systems monitor and analyse every packet of data that passes through for suspicious behaviours and threats in real time. We built a trio of systems which work hand-in-hand to ensure cybersecurity.

Radiflow’s iSID detection and analysis platform provides the processing brains for automatic threat detection and monitoring, while the iSAP smart collector is a versatile tool that aggregates all the data that is communicated across systems and diverts them to a centralised location for analysis.

Finally, through the iCEN central monitoring and management platform, businesses can get an overview of cyber-risk information for better decision-making.

Installation is easy as security integration is seamless – there is no need to teach iSID what to do as it has an automatic learning function that scans the network and establishes the links between the assets and business processes. It is also able to plan and simulate attacks on its own networks – a useful feature which helps to identify and eradicate vulnerabilities.

Speeding Up the Risk Management Process

When it comes to risk assessment, the image of cybersecurity experts scrutinising spreadsheets often comes to mind. It is, after all, a complex and time-consuming process which is prone to human error.

What if we can overcome the limitations of humans with automation and AI? This year, we are proud to launch the Cyber Industrial Automated Risk Analysis (CIARA) system – a first fully automated ROI-driven risk assessment and management platform for industries.

CIARA prioritises the most critical risk factors as it analyses thousands of data points for network and sector-specific threats. It then automatically identifies the real-time risk level based on the current threat level and security controls in place.

By studying the signatures and fingerprints of hundreds of cyber threat types, CIARA automates the process of risk identification by finding the most common security control threats across the digital network models – including protocols, vulnerabilities, firmware versions, topology and device type.

It is also fully compliant with the IEC 62443 cybersecurity certification, and can generate a detailed risk assessment report based on the international standard.

By adopting advanced analysis algorithms to automate and manage the entire cybersecurity risk, threats such as drive-by compromises, spear-phishing attempts and public-facing application exploits can be mitigated effectively and easily.

This is because CIARA uses a matrix of tens of thousands of permutations that is impossible for humans to analyse. Within minutes, it can evaluate and make recommendations for mitigations.

The Future of Cybersecurity is in AI

As things, machinery and processes get smarter, it is not enough to simply monitor and keep a lookout for threats today – companies have to do more to protect themselves in an increasingly connected world.

Our next generation of industrial security monitoring systems provides a fully automated suite for asset data collection, data-driven analysis and transparent risk metrics calculation. These systems are critical in protecting every sector, and may soon become the de facto standard.
