This post is part of our 2023 cybersecurity prediction series.
Edward Liebig, Global Director of Cyber-Ecosystem at Hexagon Asset Lifecycle Intelligence
The ICS/OT Skills Gap will Widen Due to Unprecedented Demand
Research has shown that the vast majority of electricity, oil and gas, and manufacturing firms have experienced cyber attacks over the past year and a half or so. Research has also shown that the cybersecurity workforce gap is growing due to high demand for skilled professionals. In addition to the intense threats against critical infrastructure systems that’s been prevalent for years, the Biden Administration’s new 100-day sprints across sectors and more regulations are released, more specialized professionals are needed to keep up. Additionally, many organizations currently lack staff with the ability to successfully integrate security practices and rigor across IT and OT departments, which is gaining significance and importance with the rise of industry 4.0 in 2023.
Industry 4.0 Will Drive the renewed IT/OT Convergence Conversation
Collaboration of IT and OT departments will continue to be the best solution for remediating vulnerabilities, tracking present and future threats, and responding to any incidents efficiently. However, the conversation will continue to be heated and overshadow the benefits of merging the security oversight and accountability of these two historically separated departments. IT-OT convergence is not a new idea. It has been around for decades and the most successful companies have reaped the benefits. The difference now is with the rise of Industry 4.0 and the interconnectedness of systems we’re seeing, collaboration between these two departments is no longer an option but a necessity. I anticipate we’ll see many major companies jumping aboard the converged security ship and observing the benefits from increased efficiencies and visibility to decreased costs and downtime.
Attacks on ICS/OT Will Result in Human Costs
We all know that attacks on critical infrastructure have real-world implications. Whether it’s contaminated water supplies or minimal access to fuel, we’ve seen the costs these cyber attacks have firsthand. While hackers’ activities will likely still be money-driven, we can expect to see human cost become more of a play in the following year. Asset visibility continues to be an issue for operators, which means securing, segmenting and hardening defenses becomes a guessing game of what’s important and what’s not. If IT and OT security convergence continues to be stunted and, thus, visibility remains poor, attacks that have been close calls in the past (such as the poisoning of the water supply from a Florida plant in 2021) will eventually have human costs.
We’ll See a Catastrophic Attack on the Energy Grid in 2023
The skills gap, recession and tensions abroad are forming a perfect storm for a major attack on the power grid in 2023. Energy experts sounded the alarm in June of 2022 that the electric grid in the U.S. wouldn’t be able to withstand the impacts of climate change, and as Ukraine stands its ground in its conflict with Russia, we’re likely to not only see more attacks on Ukrainian energy infrastructure, but the U.S.’s infrastructure as well. At the beginning of 2022, Homeland Security warned that domestic extremists had been developing plans to attack the U.S. electric power infrastructure for years. The combination of aforementioned factors makes the U.S.’s power grid more vulnerable to cyber attacks than it has been in a long time.
Kevin Price, VP Portfolio Strategy and Enablement for EAM & Technical Product Evangelist at Hexagon Asset Lifecycle Intelligence
A Down Economy Will Not be a Major Downer for EAM
The past year has shown us that companies’ need for an EAM solution are critical in both up and down economies. In a down economy, companies need to protect the assets that they do have in production and service until the economy has had the chance to rebound. On the other hand, in up economies, companies enjoy the luxury of budget expansions as they have to respond to production and increased services demands. To respond to this demand, one has to increase both the number of equipment in operation and optimize the current capabilities of current equipment. In 2023, as the uncertain economy tilts up and down, the need for EAM will remain strong and steady.
Without Access to the Right Info, Stakeholders Will Get Antsy
While all organizations fall at varying points on the digitization spectrum, depending on the industry, certain organizations are up against higher operating costs, a larger need for optimization, complex asset structures, or tight and ever-changing regulation and compliance needs. These are the industries that need clear visibility and information on their operations. With safety, output and performance goals on the line, Industry 4.0 will bring with it not only a need for increased visibility across these critical sectors, but also the need for more ways to parse that information in 2023. Everyone, from the CEO to the operator on the floor, will need accessible and digestible information to make informed decisions or risk gambling their KPIs away.
New Examples of ROI with Industry 4.0 Will Catch Fire
Increased capabilities in AI and machine learning, automation and smart digital reality will drive a previously undiscoverable return on investment. In 2023, Industry 4.0 will present a chance to reach new levels of efficiency, productivity and optimization, and all at a cost that is focused on the returns versus sunken costs into the technology itself. We’ve seen already that EAM technologies can give back 45 minutes per technician per shift, and recordings are more accurate through the value of an electronic mind. As we advance, these hidden opportunities will continue to come to light.
It Will be Clear Who Has Adopted Industry 4.0 and Who Has Fallen Behind
You can’t always predict the future, but you can prepare for it. The current symptoms need to be treated, but then it’s time to look 3, 5, or 7 years into the future. If you’re not already in the future, you’re behind. Solutions are already expanding the use of the internet as a model to deploy, implement and serve the application for customers so that they do not have to invest capital into supporting functions of their businesses versus impacts to the businesses itself.