The majority of employees are not ready to provide robots with full autonomy, a Kaspersky study has revealed. The research on the consequences of automation and increased use of robotics and other AI based machines found most don’t believe production processes run by robots can be recovered immediately in case of a cyberattack or malfunction, with 82% believing full recovery will take a few days or longer.
Cybercriminals can harm business via emails, virtual spaces, endpoints and embedded systems. And they are constantly searching for the new ways to attack, a fact companies should bear in mind when implementing new technologies such as robotics into their business processes. On the one hand, they increase the production efficiency, but on the other, they raise serious cybersecurity concerns regarding their safety and reliability. On this basis, Kaspersky conducted a survey to gather opinions on robots in the workplace from people working in specific industries and to understand if there are any challenges or security issues that arise when it introducing robots in the workplace.[1]
According to this study, most employees in companies with functioning production robots are aware of possible cybersecurity risks. Only 8% of them believe disabled robots can be fixed immediately in case of a cyberattack. More than half (51%) expect that recovery operations would take a few weeks or longer, and more the optimistic respondents (31%) are of the opinion that a return to normal production processes could happen within a few days.
Another important finding of the survey shows people are concerned about the lack of control and regulations by third parties when it comes to robots and their autonomy.
Keeping in mind risks that rapid robotization may cause, more than half (69%) of respondents say that it’s unclear who takes ultimate responsibility if robots fail during an equipment malfunction or a cyberattack. This is one of the reasons why employees want to keep leadership positions for people. The majority of respondents (75%) believe that robots can increase production efficiency but only with human oversight. Just a quarter of employees (15%) are ready to trust the management of any production process completely to an AI robot.
“In this study we asked respondents to assess not only the level of companies’ robotization but also their ability to resist related cyber risks. It turned out that many employees had mixed feelings when assessing how protected robots are. They are confident that it’s necessary to pay more attention to their security and skeptical about how quickly a robot can recover after a cyber incident. In fact, we face the concerns about the modern industrial IoT systems proper work and protection, with all the variety of complicated smart devices inside. That’s why we offer Cyber Immune solutions to protect specific enterprise units or the entire IT-system, making industrial robots, ICS machines or autonomous vehicles immune to most cyberattacks without using applied security tools. For example, Kaspersky IoT Secure Gateways can protect the IT-system, and collect and transmit field-level data to digital platforms securely, providing the full reliable picture of the equipment and production processes” comments Andrey Suvorov, Head of KasperskyOS Business Unit.
To keep your industrial computer systems protected from various threats, Kaspersky experts recommend:
- Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues.
- Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public.
- Performing timely updates of key components to the company’s OT network; applying security fixes and patches or implementing measures to compensate as soon as it is technically possible. This is crucial to preventing a major incident that might cost millions due to the disruptions to the production process.
- Using Industrial EDR solutions such as Kaspersky Industrial Cybersecurity for Nodes with EDR for timely detection of sophisticated threats, investigation, and effective remediation of incidents.
- Enhance your response to new and advanced malicious techniques by developing and strengthening the incident prevention, detection, and response skills of your teams. Dedicated OT security training for IT security teams and OT personnel is one of the key measures to help to achieve this goal.