A Siemens Energy perspective on its new AI-based monitoring and detection platform, Eos.ii – which is said to “provide intelligent illumination for IoT cyber defence”

IoT Security

Modules within the Eos.ii platform provide the backbone to generate insights and actionable intelligence. (Siemens Energy)

For energy and infrastructure companies, industrial IoT opens new horizons. Innovative business models digitally connect physical assets with operational technology (OT) and information technology (IT) to improve efficiency, enhance safety, and optimise operations by leveraging innovative software applications, big data analytics, advanced sensors, and artificial intelligence (AI).

IoT is accelerating the energy transition, enabling an all-electric future, and catalysing new industries only possible with connected infrastructure. Yet a future run on industrial IoT has a glaring Achille’s heel: cybersecurity.

Today, defenders lack the capability to secure the energy sector and critical infrastructure from cyberattacks. And criminal enterprises and rival nation-states have already shown that they can hijack or destroy critical infrastructure at the touch of a button. So, if we’re going to deliver a more sustainable, accessible, and low-carbon future, we must reimagine how to secure it.

When it comes to cybersecurity, defenders are overwhelmed by the complexity and relentless change inseparable from the benefits of IoT. As companies digitise both novel and legacy technologies to operate everything in the industrial world — from renewables and electric vehicles to retrofitted smart grids, pipelines, and water treatment facilities — they also make themselves more vulnerable to cyberattacks. Every link between a physical and digital asset enhances a future attacker’s ability to hold hostage the energy and critical infrastructure systems of tomorrow. Right now, defenders are behind the curve.

Securing industrial IoT eludes even highly skilled defenders for one simple reason: most companies lack the capabilities to equally monitor, detect and act on potential cyberthreats across an operating environment of physical and digital assets.

Defenders primarily engineered their Security Operations Centers (SOCs) around the then-contemporary challenge of identifying and preventing cyberattacks on IT systems. These existing capabilities don’t match the complex threats now facing IoT networks.

Chief Information Security Officers (CISOs) and their teams of analysts must adjust to meet these threats – not of tomorrow, but of today. Companies relying on industrial IoT business models need defenders with both sophisticated IT and OT technical expertise, and SOC capabilities to secure physical assets from cyberthreats. Not only are these capabilities hard to come by, but no solution exists to level up physical cybersecurity and merge it with well-practiced digital protocols. Without a unified understanding of the industrial IoT threat landscape, defenders will continually lack the visibility to see the operating status of every connected device, let alone analyse the tremendous volume of data produced every minute to spot a potential threat.

This is the rationale for Eos.ii, the first AI-based monitoring and detection platform to serve as the foundation of an “IoT fusion SOC” for energy and critical infrastructure in an era of persistent cyberattacks, an “IoT fusion SOC” being a security operations centre capable of monitoring, detecting and acting on cyber threat intelligence for IT networks and for physical assets controlled by OT systems.

Eos.ii is an intelligent software platform, which, by design, readily adapts to future threats and empowers analysts with actionable insights that bridge the digital and physical divide within a unified SOC.

An AI-based monitoring and detection platform it automatically unifies and standardises IoT data flows, so analysts have visibility into every part of an IoT network — and can analyze anomalous behaviour that might represent a cyberthreat — in a single pane of glass.

Eos.ii uses machine learning to automatically tailor defences and prioritise high-consequence events.

As new threats emerge, Eos.ii seamlessly integrates their known characteristics into automated defenses, and allows easy manual updates to its rules-based detection engine.

With Eos.ii, defenders spend less time on routine tasks and more time conducting powerful investigations. This marks a powerful shift. Instead of reacting to attacks already underway, defenders can disrupt attacks in their early stages.

Companies can implement precision defences when confronted with breaches. Instead of all-or-nothing shutdowns, with precision defence, companies under attack can purge exactly the affected systems — no more and no less.

Eos.ii empowers defenders with the insights they need to act quickly and precisely. It’s how we secure the energy revolution against an era of rising threats.

This article first appeared in Modern Power Systems magazine.