4IR & Cyber Security

The Fourth Industrial Revolution, (4IR) or Industry 4.0 conceptualizes rapid change to technology, industries, societal patterns and processes in the 21^st century due to increasing interconnectivity and smart automation where data can access from anywhere. In the 4^th Industrial revolution, mainly focusing three things – Physical, Digital & Biological. Human mindset has been changed day by day through all the information technological innovations that usages executing are happening on 4^th industrial revolution. People are no longer interested in physical nature of the things as Artificial Intelligence (AI), Machine Learning (ML), Advance Robotics, Internet of Things (IoT), Big data Analytics, Quantum Computing and Industrial are changing industry rapidly. Transformation of the new technology, vulnerabilities & threats pattern technics are changing as a result industry become more vulnerable & in risky position. Hence Information Security is the main challenge to overcome & sustain on 4th IR Revolution.

Most of the latest technology innovation are happening by keep in mind AI, ML, Advance Robotics, IoT, Big data Analytics, Quantum Computing, etc. enabler and Recently one research came out which showed that during 2020 to 2021, about 30% cyber-attack increased where attacks patterns are unknown as those are latest technology based. For better understandings, let’s review all industrial revolution till date as follows.

First industrial revolution: Starting in the late 18th century in Britain, the first industrial revolution helped enable mass production by using water and steam power instead of purely human and animal power.

Second industrial revolution: A century later, the second industrial revolution introduced assembly lines and the use of oil, gas and electric power. These new power sources, along with more advanced communications via telephone and telegraph, brought mass production and some degree of automation to manufacturing processes.

Third industrial revolution: The third industrial revolution, which began in the middle of the 20th century, added computers, advanced telecommunications and data analysis to manufacturing processes. The digitization of factories began by embedding Programmable Logic Controllers (PLCs) into machinery to help automate some processes and collect and share data.

Fourth industrial revolution: Referred to as Industry 4.0. Characterized by increasing automation and the employment of smart machines and smart factories, informed data helps to produce goods more efficiently and productively across the value chain. Flexibility is improved so that manufacturers can better meet customer demands using mass customization—ultimately seeking to achieve efficiency with, in many cases, a lot size of one. By collecting more data from the factory floor and combining that with other enterprise operational data, a smart factory can achieve information transparency and better decisions. Technologies will drive Industry 4.0 based on Internet of Things (IoT), Cloud computing, AI, Machine learning, Edge computing, Cybersecurity, Cognitive and Digital twin.

A question was asked once. Which computer is the safest in the world? The answer is the computer that is not connected to any networks. On the other hand the most vulnerable & Risky computer is that which is connected to networks having Internet connection. Most of the solution of the 4^th IR is Application Programming Interface (API) based means applications will play all the communication through internet. There are massive possibility of a cyber-attacks to Industry, Home, Office etc. as all will be used IoT enable solution Wi-Fi. Till now Wi-Fi & Mobile based internet connectivity is the most vulnerable, that is why traditional security will not enough to defend & survive for continuing IR 4.0 environment.

Current Security Solutions & Practices will not be obsolete but by aligning with IR4.0 transformation we have to establish IR 4.0 security where monitoring, protection, analysis, notification and proactive based AI solutions requires as all the industries will be automated and human-less interaction.

Personally I prefer the hybrid model will need be continue for sustainability which means, besides of legacy cyber security solution & practices, we have to transform all with the latest AI, ML, Advance Robotics, IoT, Big data Analytics, Quantum Computing based Security. And, I am very positive that industrial sector, especially financial sector in Bangladesh are moving forward for achieving success in cyber security.

The Fourth Industrial Revolution “is characterized by a fusion of technologies – such as artificial intelligence, gene editing and advanced robotics – that is blurring the lines between the physical, digital and biological worlds. It will disrupt nearly every industry in every country, creating new opportunities and challenges for people, places and businesses to which we must respond”.

AI will be a ubiquitous technology during the forthcoming industrial revolution, since it enables entities and processes to become smart. Organizations and economies adopting AI strategically, will enjoy a competitive advantage over those who do not incorporate this technology timely and adequately. Education and soft-skills development will play an essential chapter in AI strategies. Artificial Intelligence in the Industry 4.0 will create impact on Poverty, Innovation, Infrastructure Development and the Sustainable Development Goals.

Based on the 4th industrial revolution (IR4.0), the entire social paradigm is rapidly changing.
All human beings have to adapt changes with Artificial Intelligence. But this situations can give the anxiety and fear to human beings. So it is very necessary to inquire the reality and its impacts.

By changing the way work gets done, AI helps companies make the best use of practical experience, even displacing traditional labor and becoming the productive factor itself. This transformation will unleash massive technological productivity and economic growth.

However, Isaac Asimov (A Russian-American writer and biochemist who was a prolific author and editor of science fiction and non-fiction. 2 Jan 1920 – 6 Apr 1992) said, “A robot may not injure a human being or, through inaction, allow a human being to come to harm.”. Keeping this in mind, we can breathe easy.

All technological transformation has make disruption but at the same time create new opportunities which is very natural and that also create new challenge to the cyber security industry. The definition of “disruptive technology” describes it as: “an innovation that significantly alters the way that consumers, industries, or businesses operate”, noting that: “A disruptive technology sweeps away the systems or habits it replaces because it has attributes that are recognizably superior”. Cyber security firms have traditionally been very good at coping with incremental change & act as the reactive basis.

Recently, I was reading one interesting real life use case, One lady journalist come to meet with Mr. Bill Gates (Co-founder of Microsoft Corporation) and asked that “How I would  be a Billionaire?”. At that moment Mr. Bill handed over a Blank cheque to her and told to write the amount of money as you wanted. Afterwards, she became offended and responded “Mr. Bill I am not taking it. I asked you what is the secret of your success and she refused the cheque. Mr. Gates handed over the cheque again but she refused to accept it. Bill Gates once again told her that it is your last chance, take it and put the amount you want, but she did not accept it. Bill Gates ripped up the cheque and replied “The secret my success is that I did not miss any opportunity like you just did”.

The reason behind the fact “as a human being we may miss many opportunities but a machine cannot miss any opportunity. Because it does not have any empathy. So IR4.0 will be driven by AI, ML, Advance Robotics, IoT, Big data Analytics, Quantum Computing. To ensure cyber security, sustainability, security solution will be also AI driven.

Cyber security is divided into some parts. One is protection or pro-active and other is Reactive solution. It consists of next generation End to end point security solution, End point protection, firewall, encryption, DLP, authentication, monitoring, notification for application, Network, Database, Middleware. Another one is post analysis, in cyber security there is no such thing as 99.99%. It has to be 100% because if there is a single hole there will be high possibility of an attack. Also sustainability is the most important thing. We must ensure the proper implementation of cyber security before get into 4IR era. We are going to adopt IOT/Cloud/Quantum/App/API based technology, and in such environment if we use signature based firewall. In this 4^th industrial revolution cyber security will not be protected without the help of IOT and AI.

Interestingly, Cybersecurity is more ahead in innovation. People in this sector are actually getting highest salary. Also research for protection is also the highest in cybersecurity. Industry practice is, at least 7% of your investment should be spent on IT sector and among that 7% – 20% has to be spent on cybersecurity. So, if you are not willing to spend on cybersecurity, you will have question of survival due to cyber-attacks. Since this is 4^th industrial revolution, you cannot afford to learn from the mistakes. Since we are using robotics, I also would like to introduce AI Security. However, the primary demands of the 4IR on cyber security are threefold.

For protecting 4IR Cyber-attacks we must take below initiatives for survival:

• Bio metric base access in all technology for uniqueness & accurateness.
• Cyber Security solution will be the AI, ML, Advance Robotics, Quantum Computing, IoT based because Information communication Technology will be replaced by Human.
• Establish  sophisticated  AI based complete  Security Operation Center (SOC) & Network Operation Center (NOC)
• Real time AI based Monitoring
• Real time AI based  Notification
• Up to date all the systems (End user, Servers, Database, Middleware, Network devices, Security devices, API, Application, and Environmental etc.)
• Next generation End point protection, IDS/IPS, Firewall, WAF, FIM, SIEM, MFA, DLP, Backup Solution, Monitoring solution, Notification, DMS etc.
• Regularly perform Internal & external both Vulnerability Assessment(VA) & Penetration Testing (PT)
• Comply General Data Protection Regulation(GDPR)
• Organization must achieved & maintain International standard Certification (ISO 27001-2013, PCI DSS, NIST, TIA 942 etc.)
• Trained & develop internal skill resources
• Maintain appropriate partnership with solution partner
• Mitigate & Maintain Internal, External along with Regulatory  Compliance

Last but not the least, I must say, Human firewall is the best firewall. So we must educate and Awareness to our Human Resources (HR). Well trained people & Latest technology adaption culture will ensure the maximum cyber security in this 4IR era.