Physical and cybersecurity are converging, as evidenced by events like the attacks on the Colonial Pipeline, JBS and, more recently, the Oiltanking attack. These cyber incidents have had devastating cascading consequences on physical systems that can stop an organization's operations or paralyze a country’s economy.
In fact, weekly cyberattacks were at an all-time high in the last quarter of 2021, totaling 900 attacks per organization. In 2022, there are no signs of a slowdown.
As many organizations continue to prioritize organizational resilience, most are struggling to keep ahead of cyber risks that threaten their assets, communities and the critical infrastructure and operations that power the economy.
By applying artificial intelligence (AI), machine learning and other advanced technology capabilities, companies can get ahead of these threats and ultimately mitigate their impact. Here are three ways enterprise security leaders can prepare.
Make reliable and real-time information easily accessible at all times
Information is power. The more cybersecurity professionals know about an attack, the better their organization can prepare, activate backup plans and protect the bottom line.
But keeping track of every threat looming around an organization has become more difficult. Implementing intelligent technology that can accurately identify threats in real time ensures the appropriate security response is immediately activated.
AI can sift through thousands of data points. Using machine learning (ML) and natural language processing (NLP), information from government bureaus or geological services can be analyzed to make reliable calculations on which threats have the potential to harm an organization.
For example, the first attack on the Colonial Pipeline occurred a week before operations were paralyzed. If the company’s security system had identified this event, the threat could have been mitigated and the physical impact of fuel shortages may have been avoided.
Track the implications of a cyberattack to determine operational impact
If a breach occurs, the cascading effects can be just as unpredictable as the initial attack, so mitigation isn’t complete once the threat is isolated.
The JBS cyberattack began in Australia, and then the attackers targeted JBS Brazil. After the attack, investigators identified an initial exfiltration of data in Brazil using the same mega file transfer from Australia almost one month later.
If JBS had implemented defensive technology that could pinpoint the illegal transfer early on, the company could have alerted all vulnerable locations about a possible attack. The lapse in tracking the initial breach caused JBS to lose access to its plants that supplied Latin America and the United States.
AI-powered threat intelligence systems can provide a view of potential risks — from purely cyber threats to the disruption of physical operations. If a breach occurs, AI can alert the security department and transfer critical data about the event, showing what’s been compromised and identifying potential impacts to employees or infrastructure.
Have a comprehensive crisis plan in place that includes targeted communication
Companies may be prepared for immediate crises, but they often are not prepared to manage the cascading effects. Create a comprehensive and flexible crisis plan that includes not only initial actions and longer-term mitigation, but also a framework to identify cascading effects of other global attacks.
With AI-powered threat intelligence and geo-targeted communication technology, messages and responses about potential incidents can be sent in real time, as a crisis unfolds, to specific groups of people. The same technology can also signal the activation of backup plans that could include initiating information technology (IT) processes, removing building access, tracking employee badges to know who is in the office or who is working from home or sending communications to employees to track who may be in distress or who can be marked safe.
Organizational resilience in 2022 will be determined by how businesses think of, prepare for and manage unpredictable risk. By incorporating AI and machine learning into their security systems, organizations can make informed decisions from reliable insights about threats, and ultimately, stay one-step ahead of the physical consequences a cyberattack may bring.