Cyber Security – The Road ahead


Published on

An analyst briefing about cyber security and shaping the paradigm of the next-generation enterprise.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber Security – The Road ahead

  1. 1. Cyber Security – The Road Ahead Shaping the Paradigm of the Next-generation Enterprise Next- Karthik Sundaram, Senior Research Analyst Industrial Automation & Process Control- Europe 16-05-2012© 2012 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property ofFrost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.
  2. 2. Today’s Presenter Functional Expertise Strategic Market Research expertise in the domain of Industrial Automation and Process Control. Technical expertise in the field of Industrial Automation & Process Control. Particular expertise in: - Engineering, Design and Commissioning and of Safety Systems (Invensys Triconex) Place photo here Industry ExpertiseShadow Background More than a year of intensive research expertise in the markets of distributed control systems (DCS), for effect programmable logic controllers(PLC), human machine interface (HMI), supervisory control and data acquisition (SCADA) and product lifecycle management (PLM). What I bring to the Team Intensive experience and domain expertise in the Automation Industry Exposure to major Industry standards and architecture Global experience with leading corporates in Singapore & QatarKarthik Sundaram Career HighlightsSenior Research Extensive expertise in safety systems for Oil & Gas and Refinery projects.Analyst Worked in major projects for Invensys, India with global clients in the field of Engineering, EPC and Process Industries. This includesFrost & Sullivan - Qatar GasEurope - Fluor, USAChennai, India - CTJV, Qatar - Emerson Process Management, Singapore - Tecnicas Reunidas, Spain Education Bachelor of Engineering from Anna University, Chennai, India. 2
  3. 3. Contents Threats to Cyber Security – An Overview Cyber Attacks – A Historical Perspective The Stuxnet and its Legacy Cyber Threats- A Cause Analysis Discerning Challenges in the Industrial World Visualising the Factory of Future Cyber Security in Future of Factories Key Takeaway for IA Vendors 3
  4. 4. Threats to Cyber Security – An Overview Defining Cyber Attacks Nature of Cyber AttacksCyber Attacks are strategic crimes aimed at Politicaldisrupting industrial activity for benefits spreadacross monetary, competitive and political factors. Cyber AttacksPrimary Motive of Cyber Attacks:Hijacking industrial Automation and Control Competitive MonetarySystem (ACS) for economic and political gains. Emergence of Cyber Threats The world of industrial automation has grown significantly over the past two decades. The advent of advanced “The alarming growth of cyber threats automation and control system products such as DCS, PLC, can be attributed to two key factors- SCADA and HMI – with high-end network capabilities usage of legacy systems and end-user – have enabled end-users reduce downtime and improve reluctance in acknowledging the need productivity, considerably. for greater security investments.” However, industries with elaborate and sophisticated network layers do not possess a robust security framework An Industrial that can deal with possible intrusions and ensure process Automation safety and integrity. Vendor Source: Frost & Sullivan Analysis. 4
  5. 5. Cyber Attacks – A Historical Perspective The number of cyber attacks on industries and commercial IT networks has seen a marked increase in terms of both frequency and November 2011, Iran intensity over the last five years. December 2010, Iran Duqu Attacks in Iranian Nuclear Facility Stuxnet Attack in Iranian Nuclear January 2008, Poland Plant Public Tram System Hacked Remotely January 2003, The United States In April 2009, the Wall Street Journal reported the perpetration Cyber Attack on Davis-Besse Power of cyber attacks on electrical grids Station of First Energy in the United States. March 2000, Australia Maroochy Shire Sewage Spill in The Stuxnet attack in Iran was Australia pivotal in capturing the attention of industries towards cyber security. Source: Frost & Sullivan Analysis. 5
  6. 6. The Stuxnet and its Legacy The Stuxnet Story: Series of Key Events The Stuxnet story is still subject to popular debate but its impact on industrial cyber security is unmatched in history. In future, industrial history is likely to be divided into the pre-Stuxnet and post-Stuxnet eras. Off-springs of Stuxnet Night Dragon – extracting information from energy companies, compromising intellectual property Duqu, Nitro – Malwares that specialise in Industrial Espionage Source: The Economist & Frost & Sullivan Analysis. 6
  7. 7. Cyber Threats- A Cause Analysis Rise of Cyber Threats – Mapping the Causes End-user ignorance about risk of cyber threats End-user Lack of measurable ROI from cyber Awareness investments Primary Causes IT know-how Collaborative Collaborative trends between inter-enterprise in industries Trends disciplines increases vulnerability Network loopholes in legacy system architecture improves chances of cyber attacks “There is too much segregation between Lack of strategic IT know-how of operating IA networks and IT networks from a personnel supervision point of view and therefore Knowledge gap in Industrial IT attributed to IA is vulnerable to Cyber Attacks.” rise in cyber attacksA Leading IT Source: Frost & Sullivan Analysis. Vendor 7
  8. 8. Discerning Challenges in the Industrial WorldCyber Threats Impede Enterprise Impact on Internet Protocol DevicesIntegration • Risk of Cyber Security to impact growth• Integration of multiple enterprise and adoption of IP-based field devices by disciplines will increase organizational the end-user community productivity and enhance efficiency • Increased threat on account of IP• But greater integration increases standard’s high prevalence in the higher probability for cyber attacks layers of enterprise architectureInfluence on Wireless Technology Challenge for IA Vendors• Questions on safety and integrity of • Entry of commercial IT vendors through the wireless technology will be exacerbated by channel of cyber security will influence concerns of cyber security market dynamics of Industrial Automation• Cyber security will be a decisive factor in (IA) growth of wireless technology in future • Greater competition for IA vendors enterprises anticipated in the coming yearsThe biggest benefactor from cyber threats are commercial IT vendors and niche security solution providers , who are expected to have a greater role in the future of factories and industries. Source: Frost & Sullivan Analysis. 8
  9. 9. Visualizing the Factory of Future Vision for the Future of Factories: Mapping Technology Drivers and Demand Drivers Sustainability Resource & Environment Growth in Developing Smart Clouds Effective Data Storage Economies & Information Mgmt. Power, Infrastructure etc. Wireless Intelligence Factory Mass Customisation WLAN, Wifi, Wireless HART of the Future Flexible Manufacturing Cyber Security Robotics New human-robot interactive Securing plant floor cooperation Enterprise Integration from cyber attacks Integrating Enterprise with shop-floor Technology drivers Demand drivers Cyber Security will be the sine qua non of the next-generation enterprise Source: Frost & Sullivan Analysis.M3C6-17 9
  10. 10. Cyber Security in Factory of Future The Paradigm of Cyber Security in the Next-Generation Enterprise Flexible management policy towards Cyber Security as an exclusive strategic discipline for regulatory compliance Defense in Depth Management Strategy PolicyDeveloping an exclusive The Adoption of the Industrial workforce Exclusive Industrial Multi-level ISA-99 Industrialthat caters to industrial Industrial Cyber Cyber Network Automation & Control network security in Workforce Security Protection Systems Security future factories (IACS) approach Pro-active Threat Assessment Demilitarized Cellular Zones (DMZs) Design Continuous risk assessment of cyber threats with third party organizations for regular updatesThe post-Stuxnet era will see the dawn of greaterindustrial cyber regulations and standards. Source: Frost & Sullivan Analysis. 10
  11. 11. Key Takeaway for IA Vendors The current ACS product portfolio needs to be re-designed to meet the needs of the next-generation enterprise. The on-set of regulations and security standards is likely to improve end-user investments in implementing robust security mechanisms Emphasis on cyber security will provide new avenues for commercial IT vendors to improve their market presence in the industrial landscape. A new league of partnerships between IA vendors and commercial IT vendors will become the order of the day in future factories. Source: Frost & Sullivan Analysis. 11
  12. 12. Next StepsDevelop Your Visionary and Innovative Skills Growth Partnership Service Share your growth thought leadership and ideas or join our GIL Global Community Join our GIL Community Newsletter Keep abreast of innovative growth opportunities 12
  13. 13. Your Feedback is Important to Us What would you like to see from Frost & Sullivan?Growth Forecasts?Competitive Structure?Emerging Trends?Strategic Recommendations?Other? Please inform us by “Rating” this presentation. 13
  14. 14. Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter 14
  15. 15. For Additional Information Anna Zanchi Karthik Sundaram Marketing & Communications Executive, Senior Research Analyst, Industrial Automation & Process Control - Industrial Automation & Process Control - Europe Europe +39.02.4651 4819 +91 44 6681 4179 karthiks@frost.comSivakumar Narayanswamy Muthukumar ViswanathanProgram Manager, Practice Director,Industrial Automation & Process Control - Industrial Automation & Process Control -Europe Europe+91 44 6681 4186 +44 20 7915 15