Vital Infrastructure Vulnerable to Attack; Akamai Introduces Security Without Disrupting Operations

Critical infrastructure such as water treatment plants, electrical grids, factories, and transportation systems are increasingly vulnerable to cyber attacks. These systems are difficult to secure because many of their devices are legacy systems or too sensitive to accommodate additional security software.

To address this challenge, American cybersecurity and cloud company Akamai Technologies has introduced a new security solution that claims to protect critical systems without disrupting operational performance. The solution combines Akamai Guardicore Segmentation with Nvidia’s BlueField Data Processing Unit (DPU) hardware.

Operational Technology (OT) comprises systems that control physical processes in the real world, such as production machinery, water pumps, or electricity turbines. Industrial Control Systems (ICS) are the specific component of OT that regulates and controls industrial machinery.

The problem lies in the fact that many OT and ICS devices were designed decades ago. They were built to be stable and durable, not to counter modern cyber threats.

Traditional cybersecurity systems typically work by installing “agents”—small software programmes installed directly on devices to monitor and block threats. However, in industrial environments, installing additional software presents risks. It is analogous to adding extra load to a production machine that already operates at maximum capacity for 24 hours a day. If a malfunction occurs, the consequences extend beyond computer errors and could halt production or public services.

The security solution from Akamai and Nvidia employs an agentless approach, meaning no additional software is installed in the main system. Instead of being installed on the machines themselves, security functions are transferred to a separate hardware device called a DPU. This device operates as a “gatekeeper” standing outside the main system.

This approach also supports the Zero Trust security concept, a principle that does not implicitly trust any person or system within a network. All access must be verified. The concept is analogous to an office building with many separately locked rooms. If one room is breached, others remain protected because access is restricted.