Critical infrastructure security teams are charged with one of the most important duties: protecting our nation’s assets. In light of recent geopolitical and economic events, this has become even more important. Manual monitoring of access control and video systems is a large, time-consuming part of critical infrastructure protection. Such monitoring has been severely impacted by staffing shortages as organizations face challenges in hiring security officers. Macroeconomic trends such as inflation have made the problem worse by increasing the costs needed to maintain a guard force after recruitment. It has reached a point where technology and automation are necessary to keep our critical infrastructure secure.
The field of artificial intelligence (AI) has progressed tremendously over the past decade. We now have AI algorithms that can analyze massive amounts of data in various formats (video, audio, text, logs, etc.) and find anomalies. This has many applications in critical infrastructure security, especially in solving the recent monitoring challenges.
A big chunk of the manual monitoring involved in infrastructure security is the monitoring of alarms from access control and video systems. These systems generate alerts that ideally should fire only when there is a breach. However, due to factors such as hardware failures, these systems generate a large number of false or nuisance alarms. Many critical infrastructure security operations centers (SOCs) suffer from this and have multiple people solely dedicated to monitoring these false alarms. As one might expect, humans are not well suited to finding the one real alarm after clearing thousands of false ones. It is well known that operators become numb to real incidents because they have been conditioned by the thousands of false alerts that came before the real event, leading to missed breaches induced by “alarm fatigue”. AI and automation can help solve this problem. AI can analyze data from security sensors and automatically eliminate nuisance alarms where no breach is involved. This dramatically reduces the risk of a real event being missed, saves time and enables human security operators to focus on more important tasks.
Another significant problem in infrastructure security, which has existed since the early days of using badges for access control, is tailgating or piggybacking. This occurs when a person follows another person (or a vehicle) into a secured area without presenting a valid credential. Tailgating undermines the whole purpose of physical security, which is to ensure that anyone who is physically present in a secure facility is authorized to be there. Today, detecting tailgating requires manual monitoring of every person or vehicle entering a door or a gate. AI can automate this process by automatically analyzing the video footage corresponding to every badging event and checking if more people or vehicles enter than the number of distinct badge swipes.
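The check described above, as an added example that is not part of the original article: badge swipes and video-derived entry counts for a door are grouped into short door-open cycles, and a cycle where more people crossed than distinct valid badges were presented is flagged. The event shape, the 10-second grouping window and the sample data are assumptions.

```python
# Tailgating check, added as an illustration (not the article's code): compare the
# people video analytics saw crossing a door with the distinct valid badges presented
# in the same door-open cycle. Event shape and the 10-second window are assumptions.
from collections import defaultdict
from dataclasses import dataclass

WINDOW_SECONDS = 10  # assumed: events closer than this belong to one door-open cycle

@dataclass
class Event:
    ts: int            # seconds since midnight (constructed sample data)
    door: str
    kind: str          # "badge" = valid swipe, "entry" = person(s) seen crossing
    badge_id: str = ""
    persons: int = 0

def _evaluate(door, cycle, findings):
    # More people than distinct badges is a tailgate; entries with no badge at all
    # (a forced or propped door) fail the same comparison.
    badges = {e.badge_id for e in cycle if e.kind == "badge"}
    persons = sum(e.persons for e in cycle if e.kind == "entry")
    if persons > len(badges):
        findings.append((door, cycle[0].ts, len(badges), persons))

def find_tailgating(events):
    """Return [(door, cycle_start_ts, distinct_badges, persons_entered), ...]."""
    by_door = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        by_door[e.door].append(e)
    findings = []
    for door, evs in by_door.items():
        cycle = []
        for e in evs:
            if cycle and e.ts - cycle[-1].ts > WINDOW_SECONDS:
                _evaluate(door, cycle, findings)  # gap too large: cycle ended
                cycle = []
            cycle.append(e)
        if cycle:
            _evaluate(door, cycle, findings)
    return findings

SAMPLE_EVENTS = [  # constructed sample data
    Event(28900, "D1", "badge", badge_id="B200"),
    Event(28904, "D1", "entry", persons=2),        # one swipe, two people: tailgate
    Event(29000, "D2", "badge", badge_id="B300"),
    Event(29001, "D2", "badge", badge_id="B301"),
    Event(29005, "D2", "entry", persons=2),        # two swipes, two people: fine
    Event(29100, "D2", "badge", badge_id="B300"),
    Event(29102, "D2", "badge", badge_id="B300"),  # same badge swiped twice
    Event(29106, "D2", "entry", persons=2),        # one distinct badge: tailgate
]
```

Counting distinct badges rather than swipes matters: a double swipe of one card does not license a second person through the door.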
Clearing false alarms and detecting tailgating solve only the symptoms of the underlying problems. The root cause behind these two symptoms is typically faulty hardware and human behavior. AI and automation can help solve those root causes as well. By having AI correlate and analyze alarms from a door or a camera over time, security teams can proactively identify faulty hardware such as a malfunctioning camera, magnetic lock or request-to-exit sensor. To solve tailgating problems, security teams can set up automated systems to send alerts to tailgating offenders to let them know an infraction has been detected and should not occur again. This raises awareness among employees and brings about behavior change over time. AI also helps ensure that critical infrastructure security teams remain compliant. TSA, NERC, UL and other organizations have strict policies on tailgating and alarm response, which are challenging to satisfy with manual monitoring.
Artificial intelligence algorithms thrive on data, and we can utilize this “hunger for data” in solving data-related problems in infrastructure security, particularly to combat insider threats. Every critical infrastructure facility, for instance, generates millions of data points every day, ranging from badges getting swiped to doors getting opened. AI can find trends and patterns in this data and alert security operators when it detects something anomalous. For example, if an employee badges in between 7 a.m. and noon on weekdays and that badge is suddenly used on a Saturday at 2 a.m., then AI can proactively alert the security team to an anomaly that can then be investigated.
This anomaly detection can be further extended with converged data from cybersecurity and physical security. Continuing the example above, if cyber systems show that the employee who badged in on Saturday at 2 a.m. also exfiltrated terabytes of data, then we have an even bigger problem. Today data from cybersecurity and physical security are typically kept in separate silos, and this is just one example of the value that can be generated by bringing them together. Another straightforward example is a scenario where an employee’s badge is presented at one location while the same person’s email account is accessed from a different location. Because of the siloed nature of cyber and physical security systems, this anomaly can easily be missed. By bringing the systems together and enabling AI to detect these types of anomalies on top of the converged data, organizations can improve the security posture of our nation’s infrastructure.
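The two scenarios above (a badge used outside the hours its holder has ever been seen, and a badge presented at one site while the same person's account authenticates from elsewhere), as an added example that is not part of the original article. The event shapes, the hour-of-week baseline, the 30-minute correlation window and the sample data are assumptions, not any vendor's schema.

```python
# Converged physical/cyber anomaly check, added as an illustration (not the
# article's code). Event shapes, the 30-minute correlation window and the
# hour-of-week baseline are assumptions, not any vendor's schema.
from collections import defaultdict
from datetime import datetime, timedelta

CORRELATION_WINDOW = timedelta(minutes=30)  # assumed pairing window

def learn_baseline(history):
    """history: [(user, datetime)] of past badge-ins.
    Returns {user: {(weekday, hour), ...}} buckets the user has been seen in."""
    baseline = defaultdict(set)
    for user, ts in history:
        baseline[user].add((ts.weekday(), ts.hour))
    return baseline

def off_hours_badges(baseline, badge_events):
    """badge_events: [(user, datetime, site)]. Flags badge-ins whose
    (weekday, hour) bucket never appeared in that user's history. A user with
    no history at all is flagged on every event, so seed baselines before use."""
    return [(u, ts, site) for u, ts, site in badge_events
            if (ts.weekday(), ts.hour) not in baseline.get(u, set())]

def location_mismatches(badge_events, logins):
    """logins: [(user, datetime, location)]. Flags a badge-in when the same
    user's account authenticated from a different location within the window."""
    findings = []
    for u, bts, site in badge_events:
        for lu, lts, loc in logins:
            if lu == u and loc != site and abs(lts - bts) <= CORRELATION_WINDOW:
                findings.append((u, bts, site, lts, loc))
    return findings

# Constructed sample data: alice normally badges in weekdays 7-11 a.m. at HQ.
HISTORY = [("alice", datetime(2023, 1, d, h)) for d in range(2, 7) for h in range(7, 12)]
BADGES = [
    ("alice", datetime(2023, 1, 9, 8, 15), "HQ"),   # Monday 8:15 a.m.: normal
    ("alice", datetime(2023, 1, 14, 2, 5), "HQ"),   # Saturday 2:05 a.m.: anomalous
]
LOGINS = [
    ("alice", datetime(2023, 1, 9, 8, 30), "HQ"),          # same site, consistent
    ("alice", datetime(2023, 1, 14, 2, 20), "REMOTE-VPN"),  # other location, 15 min later
]

def run_sample():
    """Run both checks over the constructed data; returns (off_hours, mismatches)."""
    baseline = learn_baseline(HISTORY)
    return off_hours_badges(baseline, BADGES), location_mismatches(BADGES, LOGINS)
```

The baseline is deliberately coarse (hour-of-week buckets); a production system would also need a decay or review step so that one legitimate late-night visit does not permanently whitelist that bucket.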
Here we have only scratched the surface of the variety of ways in which AI can enhance critical infrastructure security. One common concern with the adoption of AI is that it will lead to replacing humans and taking away jobs. However, the purpose of AI is to assist the human security operator. AI empowers security teams by taking away mundane and repetitive tasks and enabling them to focus on tasks that need real human attention and judgment. And given the current economic conditions, we want humans to focus on such tasks while AI silently works behind the scenes to reduce risk and build resilience.