Digitalisation and the adoption of new technologies has continued to fundamentally change many areas of UK Critical National Infrastructure (CNI) over the last few years. The widespread adoption of smart meters being driven by the UK energy sector is expected to provide a more accurate picture of the country’s energy consumption and needs at any given time by tracking in real time, while Network Rail’s Digital Railway Strategy has an objective to reduce overcrowding and delays through live timetabling supported by connected tracks. It was even recently reported that BAE Systems is developing new technology that will enable Royal Navy ships to be controlled remotely on land.
Eventually, we’re likely to begin to see more connectivity across many of these sectors, and – as the Internet of Things (IoT) continues to grow in popularity and usability among businesses, consumers and governments – across industrial systems, business infrastructure, devices and homes.
While the intentions and benefits of a more connected infrastructure are clear, there is a risk that cross-sector connectivity will mean that any vulnerabilities in one sector could easily impact another through the network. With nation state attacks expected to rise, this presents a challenge that requires a shift in the way we’ve addressed issues surrounding the security of Critical National Infrastructure in the past.
Due to the nature of these attacks – which can spread from any single node point in a network, meaning entire pieces of infrastructure are at risk from just one device being compromised – there will need to be instant access to cyber security professionals to respond to or prevent an attack. Equally, due to the national security implications, operators in these essential services will also need to be able to quickly call in state intelligence agencies to help combat live attacks.
Remote access technology – the technology behind the traditional ‘IT help desk’ – could provide a part of the solution here. While remote access software has traditionally been used to provide the remote technical support for staff within an organisation, adoption has broadened and the software is increasingly used for other applications such as training and instant access to worldwide experts across disciplines.
The real-time exchange of data and the use of remote access software to manage and monitor faraway devices offers an opportunity for experts to be digitally omnipresent across entire IoT grids. Organisations such as GCHQ could instantly ‘remote into’ safety-critical systems, such as train signals or power plants, and help combat any attacks that threaten national security.
Implementing remote access technology as a tool for remote intervention in Critical National Infrastructure could also enable employees to receive remote training on real equipment, making education and expertise widely and instantly available in real time across a network. Cyber security experts, for example, could carry out remote attack simulations, providing guidance and training to ensure those working with CNI know how to detect an attack. For example, lone workers on an oil rig or in a submarine at sea might face an IT emergency where there is not a specialist at hand at that moment. Using remote access, an expert could be sourced who could then communicate with and guide the worker to resolve the issue.
In order to enable advanced communication capabilities across Critical National Infrastructure, we need to see remote access as a tool for providing instant availability of expertise and training through all kinds of devices and systems, from industrial control systems to MRI scanners – not just the ‘IT help desk’ tool.
With this new thinking, companies could establish a secure open platform approach and exchange video, audio, text or images with any safety-critical device, enabling a vast Critical National Infrastructure ecosystem that can be safely monitored and controlled remotely. To support CNI specifically, the creation of a ‘national security help desk’ is a potential goal to aim for here. This would see the use of remote access technology to ensure skills and education are remotely and continuously available across a vast array of vital locations and infrastructure.
In the future this could eventually extend to all kinds of knowledge sharing and access that might not only keep our infrastructure secure, but also create a strong network of experts across disciplines – for example, Defence Medical Services being able to source a specialist clinician to remote into a device in the field to help with diagnosis.
At a time when the security of Critical National Infrastructure is imperative and more and more threats are becoming apparent, it is important that devices, workers and specialists can communicate with each other. Technological advancements will be key in ensuring these communication channels are opened – and remain open – so that CNI can be protected against everything from cyber attacks to a fault in the patching of a system.
If you would like to join our community and read more articles like this then please click here.