General Electric Company is a conglomerate that operates in various energy and industrial segments that rely heavily on industrial control systems (ICS). Machine learning has become a pivotal element in protecting these systems against cyber-attacks. Attacks have targeted various functions of these energy and industrial companies operating on the SCADA (supervisory control and data acquisition) system. SCADA systems have been the target of probing attacks conducted by terrorist groups and nation states. According to an independent survey conducted by Business Advantage, approximately 54% of companies have experienced an ICS security incident in the past 12 months. The presence of these attacks highlights the rapidly growing market for ICS cybersecurity for vulnerable public infrastructure. As a result, General Electric has partnered with Nozomi Networks, a company well known for its cybersecurity and artificial intelligence capabilities. Together, they are aiming to leverage the megatrend of machine learning in order to protect the energy and industrial sector.
Partnership for Secure Systems
General Electric’s partnership with Nozomi Networks uses the proprietary SCADAguardian platform in order to protect ICS from various cyberattacks. SCADAguardian leverages both artificial intelligence and machine learning in order to protect the control system components. The system is designed to assist subsidiaries of GE to monitor their physical and digital infrastructure using large amounts of data that have established operating baselines. The overarching goal is to align the system with the company’s desire to optimize the “efficiency, security, and reliability” of industrial systems SCADAguardian operates in concert with GE’s Predix, which is a system that supports infrastructure and operations. The Predix system in concert with SCADAguardian provides key indicators to investigate causes of equipment malfunction or degradation.
Current and Near Future Applications
This data collected by both GE’s Predix system and SCADAguardian are quintessential examples of using machine learning to optimize performance. In the short term, General Electric has partnered with Naomi Networks to implement SCADAguard to assist with multiple levels of security. This includes security for endpoint devices and data stored in the cloud in concert with a Central Management Console (CMC), which centralizes the aggregated data. Machine learning is critical throughout these functions to complete risk assessment, threat identification, prevention, and response.
In the medium term, there are two primary areas where General Electric is weighing their investment in machine learning. The first is standardizing the defense of all plants and SCADA systems. The second is aggregating the data of SCADA systems into a defensible network with the appropriate firewalls in place. Once all of the plants are online, they are using machine learning techniques to optimize their defense against cyber-attacks.
In the short term, GE should continue to hire cybersecurity professionals for upgrades and training. With its wide expanse of geographic and networked subsidiaries, GE has the potential to be a significant target. Not only could cyberattacks on SCADA systems threaten brand image, but also endanger the lives of employees operating the machinery. While specific company data is often held confidential, on average, ICS attacks resulted in $497,097 of costs for targeted large companies in 2017 (500+ employees).
Over the next decade, GE should partner with entities in the U.S. government in order to counter the wider range of threats. The Department of Energy created an office of Cybersecurity, Energy Security, and Emergency Response (CESER) to assist with mitigation techniques. Still, there is a gap between mitigation techniques sponsored by the DOE and companies’ willingness to report incident data. Since threats range from spear phishing to Advanced Persistent Threats (APTs), where a wide span of responses is required, requiring additional funding and resources. General Electric should join in partnership with CESER in order to consolidate corporate data with classified data and improve the quality of their data analysis.
Machine learning has improved General Electric’s ability to face a complex threat on SCADA systems by leveraging SCADAguardian. In this specific case, a large conglomerate invested capital in a cybersecurity company in order to tailor products. A few questions remain – should other large companies follow a similar model and partner with outside organizations? Would it be more beneficial to grow machine learning techniques in the cybersecurity realm internally? Are there any cases where companies should develop solely internal tools for securing their ICS?
(Word Count: 717)
 Mary Ryan, “Invenergy Future Fund Leads $15 Million Investment in Industrial Cybersecurity Leader Nozomi Networks,” January 10, 2018, https://invenergyllc.com/news/invenergy-future-fund-leads-15-million-investment-in-industrial-cybersecurity-leader-nozomi-networks.
 Aaron Hand, “Partnership Combines Cybersecurity With Predictive Maintenance,” August 24, 2018, https://www.automationworld.com/article/technologies/security/partnership-combines-cybersecurity-predictive-maintenance.
 Rebecca Slayton, “Efficient, Secure Green: Digital Utopianism and the Challenge of Making the Electrical Grid ‘Smart’” Information & Culture 48, no. 4 (2013): 448-78. http://www.jstor.org.ezp-prod1.hul.harvard.edu/stable/43737372.
 Nozomi Networks, “GE Power and Nozomi Networks to Enhance Cyber Security for Energy and Industrial Operators Worldwide,” October 4, 2018, https://www.nozominetworks.com/2018/10/04/press-release/ge-and-nozomi-networks-to-enhance-cyber-security-for-energy-and-industrial-operators-worldwide/.
 Dong-Joo Kang, Hak-Man Kim, “Development of test-bed and security devices for SCADA communication in electric power system”, Telecommunications Energy Conference 2009. INTELEC 2009. 31st International, pp. 1-5, 2009.