ARIA Cybersecurity Solutions, an arm of CSPi, has launched a platform that applies artificial intelligence (AI) in memory directly on endpoints to secure them.
Gary Southwell, vice president and general manager for the cybersecurity division, said ARIA Zero Trust PROTECT is specifically designed to eliminate the need to depend on cloud services to secure operational technology (OT) endpoints in real-time. The platform uses lightweight AI engine deployed on the endpoint itself that learns known-good applications by identifying executable code, scripts and processes and blocking everything else, he added.
The AI platform is capable of automatically blocking 17 techniques that cybercriminals widely use to target OT systems, said Southwell. Designed to be deployed in a few minutes without requiring special training, the platform can be applied to multiple versions of Windows and Linux operating systems; even those that might have been embedded in an OT system several decades ago, said Southwell.
In addition, no internet connections are required and, because it runs in memory, there is little to no impact on application performance, he added.
That approach provides OT teams with a zero-trust approach to cybersecurity that, in contrast to other approaches that first scan platforms and then process data in the cloud, leave the endpoint unprotected until a means to thwart that attack—such as a patch—is created and implemented, he noted. That process is simply too slow when an attack made against an electronic vehicle while it is in motion, for example, needs to be thwarted in real-time, said Southwell.
In other scenarios, a manufacturing company could lose millions of dollars if an OT system is down for any length of time while waiting for a patch to be developed and applied, he noted.
Most OT teams, in general, would prefer to rely on an approach to cybersecurity they control versus having to bridge the divide that today exists between OT and IT teams; when it comes to cybersecurity every second counts, said Southwell.
Many of the cyberattacks being launched against OT systems are also fileless, which makes then difficult for cybersecurity tools designed for IT environments to detect, he added.
As cyberattacks against OT systems continue to increase, the amount of critical infrastructure that needs to be defended is overwhelming cybersecurity professionals. Worse yet, cybercriminals are taking advantage of AI to launch attacks that are increasing in both sophistication and volume. The only way to combat those attacks is to rely more on AI to defend critical infrastructure. The challenge, of course, is that as more OT systems are deployed, the overall size of the attack surface that needs to be defended keeps increasing exponentially.
At this point, there are very few organizations that will not be taking advantage of AI to better defend platforms. The only issue that remains to be seen is to what degree. Most IT and OT professionals will not want to be held accountable for cybersecurity if they don’t have access to the tools needed to succeed.
Recent Articles By Author