Provide an overview of how manufacturers are leveraging AI to streamline processes and how it’s creating security concerns across the company. What does the emergence of AI mean from a security/risk management perspective?
As with any rapidly evolving technology—recognizing AI has been around in various forms for some time, certainly from the 1940s although some experts assert even earlier—security issues arise when not considered integral during project conception and planning. For example, companies must carefully ask questions like: how are we protecting the software on our internal network and, how are we protecting it from external threats and the internet? Additionally, it’s important to monitor who has privileges for updates or change management and know which group internally verifies the AI coding. Ensuring the code is free from errors that could affect safety or production goals can assure any interruptions in business continuity are avoided.
The key to successfully adding AI to a company’s toolbox is to incorporate security considerations into the front end of project planning. Doing so provides greater protection and is more cost-effective than attempting to build in security measures post-implementation or after an incident.
What security concerns exist when implementing some form of Artificial Intelligence on the shop floor?
Security incidents occur when access and change management privileges are not strictly controlled and back-ups are not maintained. Overseeing proper operation and implementation of AI is similar to adhering to best practices in software protection. Unfortunately, these practices are often ignored when time pressures arise, or project timelines are unrealistic.
What steps should companies take to assure they’re protected from these risks?
One of the first steps is to evaluate the reason for implementing the AI technology in the first place. The answer is often to increase efficiency or automate a process, but how is it improving your business specifically? From there, you can identify security vulnerabilities in the newly implemented AI, such as data security breaches and sensitivities to hacking, and work to mitigate these risks through a holistic risk management approach. An external risk management consultant with experience in manufacturing technology would be a worthwhile partner to develop a security strategy tailored to the organization and its needs when implementing AI solutions.
When should a manufacturing business organization engage a company like Pinkerton when they’re looking to implement AI and want to protect their sensitive information?
It’s important to consider security measures on the front end of planning and ensure initial implementation is in alignment with the company’s long-term goals for the technology. A good starting point is engaging a risk management consultant to evaluate structural and non-structural risks across the enterprise. As an additional layer of due diligence, Pinkerton has partnered with other professional services firms like Ernst & Young to complete a thorough review of a company’s intranet, software security strategy, and internal operations to ensure optimal company health and readiness for substantial process changes like implementing AI. Having a 30,000-foot view of a company’s risk profile provides a strong foundation for implementing new technology and a clear outlook for how it will enhance the business going into the future. Having an operational and tactical plan based on that view to mitigate the risks is essential for success!
B-AIM