📢 Between June 10th and June 14th I had the opportunity to attend the KTH Royal Institute of Technology Cybersecurity & Privacy Summer School. 📢 

📰 Almost concurrently Semafor wrote about how Cybersecurity continues to be a challenge even for companies such as Microsoft with significant implications & risks including in the critical Cyber-physical domain (https://lnkd.in/dHDWavU9) 📰 

The Summer school covered a wide-array of state of the art research & applications covering a wide-array of topics, with speakers from around the world covering topics ranging from understanding vulnerabilities in AI Models, Data Privacy, Innovations in cryptographic solutions, Watermarking, Hardware based security & more (https://lnkd.in/dGa_nmr6)

Looking at through the window of the world I live in, of the implications on Operational Technology, Industrial Software & Digital manufacturing, led me to three takeaways:

-System level security - The operational technology hardware & software stack is a complex combination that live both on-prem & the cloud, and employs networks, compute & storage which seem to face an ever expanding threat landscape. The recurrent mention of the challenges presented by LLM-driven threats & democratization (open-source malware & C2 Servers) of these tools, present a clear & present elevation of risk to what are not only business but (process & personnel) safety critical systems. 

-Machine Learning models & Knowledge Graphs - Several talks covered the challenges posed by protecting proprietary data in machine learning abstractions (models) which face the dual challenge of both inference based attacks & the challenge of protecting sensitive data (including securing models in ways that prevent malevolent use, while protecting IP). These were revealing given that the industrial software space continues to be primarily focused on achieving upsides while the downside challenges (for example model poisoning that may compromise operational excellence) are not yet in focus. 

-Hardware security: The threat landscape emerging from very low-level threats such as hardware trojans, compromised supply chains, and the ability to defend against sophisticated threat vectors, will present new challenges & opportunities to innovate in work flow, and re-think the entire physical security aspect of these systems. 

👇 Dall-E at work, and despite multiple attempts it did not want to get the words right 👇