Security in the Manufacturing domain has always been a concern. When product information, designs, blueprints, and research/test information is digitalized, the security of this data becomes vital to protecting the intellectual property of an organization.
As we embark on the fourth industrial revolution, we see the fusion of OT (operational technology) and IT (information technology). The fusion of the physical space with digital. This also raises security concerns, especially when IoT sensors are used to monitor manufacturing processes and collect data. This data is analyzed using AI and ML algorithms in the cloud.
In recent years, there have been increased cyberattacks on industrial facilities with the intent of damaging equipment, disrupting manufacturing processes, and stealing intellectual property (data). The Stuxnet attack is a well- documented example.
Toshiba Corporation provides solutions in the fields of energy, social infrastructure, electronic devices, and digital products by combining this expertise with digital technology. Its 2020 Cyber security report states the paramount priority for its business operations is to deliver safety and security to everyone.
Toshiba also aims to support people’s lives through cyber-physical system (CPS) technology. CPS analyzes huge amounts of data collected from physical space in cyberspace in order to generate valuable intelligence and feeds it back to physical space.
Takashi Amano, General Manager, Cyber Security Center, Toshiba Corporation talks about the limitations of conventional corporate security systems in the manufacturing domain, and the steps his company has taken to protect intellectual property. He feels there is a need to rebuild the infrastructure in line with the concept of the Zero Trust Network. And he believes that visualization of devices, networks, applications, cloud services, and human behavior is important
Amano is also Technology Executive and CISO, Toshiba Digital Solutions Corporation.
In this episode, he is joined by Kumar Ritesh, Founder and CEO, CYFIRMA.
The edited transcript of Takashi Amano’s responses.
What are the limitations of conventional corporate security systems with regards to protecting intellectual property (IP) related to products and manufacturing (blueprints, product designs, prototypes)? What steps has Toshiba taken to protect such intellectual property?
Takashi Amano: The conventional corporate security systems have been mainly based on the boundary defense and some access control. The idea was to configure the internal network as a closed network with minimal connections to the outside. Access rights to the information like IPs were controlled and intellectual property was protected by narrowing down who could access it. IP management in the manufacturing industry is very complex. The manufacturing industry has various functions, for example, design, manufacturing, quality, maintenance and operation, each department has its own IP. In addition, traditionally, factory manufacturing systems are often managed individually on the network.
On the digital transformation era, regarding the limitations to protect IPs in the manufacturing domain, the meaning of the boundary itself has become gray as the use of the cloud in development infrastructure, business system infrastructure, and the platform for the open innovation efforts with partners. In fact, the conventional corporate security system makes accurate information management difficult.
As the limits of boundary defense are becoming apparent, I feel that there is a need to rebuild the infrastructure in line with the concept of the Zero Trust Network. However, it is difficult to move to such an environment in the short term, and we believe that strengthening the monitoring of the current environment is a priority in the short term.
Visualization is the most important short-term solution. This is because there are more and more unknown attacks these days, not known ones. We believe that visualization of devices, networks, applications, cloud services, and human behavior is important. Examples are EDR for devices and CASB for cloud services.
I think we need to be prepared for a real-time, proactive response rather than a reactive response. Visualization solutions are important solutions for achieving these goals.
On the other hand, in the long term, we think it is necessary to incorporate the concept of zero trust network into the entire network and protect it. Since there are a wide variety of access types, locations, and devices, we recognize it is important to check the validity of access and to visualize the flow of information properly.”
How do you see the merger of OT and IT today? To what extent is this happening with critical infrastructure such as power grids and nuclear power plants?
Takashi Amano: In the industrial infrastructure field, we believe that we can create a lot of value by uploading operational data of physical space to cyberspace then analyzing it together with experience and knowledge. We aim to provide value through CPS technology (cyber-physical system), and we believe that the fusion (connection) of physical space (OT) and cyberspace (IT) is essential. Even in the critical infrastructure area, it was traditionally said that OT and IT were completely separated, but nowadays, cloud utilization is also advancing in some industries. We believe that this trend will gradually spread to other industrial fields.
What would be the new norms for security in the fourth industrial revolution (industrial IoT) and how would it differ from traditional security?
Takashi Amano: In a nutshell, the value that industrial IoT brings is a world of data-centric value creation. Among them, how to ensure the reliability of data is an important issue, and we think that it is an issue to establish a consistent data protection policy and mechanism from the edge to the cloud, and we also research and develop technologies that will be useful for it. We are also working on it. In addition, since the supply chain will be connected in an IT manner, it is necessary to ensure supply chain security.
The volume and variety of threats is too much to handle by conventional security defenses. Can there be a solution that is more proactive and warns of attacks before the damage is done? A type of “autonomous security”? What exists today?
Takashi Amano: Technically, I think the use of logs, intelligence, and AI is the key. We believe that technology that utilizes horizontal and vertical intelligence to grasp the movements of attackers in advance, and proactively deal with and respond to risks will be required.
Although the automatic incorporation of horizontal intelligence into management systems is progressing, vertical intelligence is typically provided in text and must be handled by humans. Also, for AI, the context understanding becomes a black box, so humans need to supplement it. We are beginning to work on automating the management system for a proactive response.