운영기술용 사이버 보안 핵심 가이드 | 월드테크(Wurldtech)
산업인터넷은 엄청난 기회를 약속한다. 각 산업 영역에서 1%의 효율성 개선만으로 수 조원의 비용을 절감할 수 있다. 이러한 잠재력을 실현하기 위해서는 산업인터넷의 보안이 중요하다. 산업 환경에 대한 위협은 실재이며 증가하고 있다. 운영기술(OT) 환경에 대한 보안은 기존의 정보기술(IT)와 다르다. 정보기술(IT)은 디지털 정보 보호에 중점을 두었다면, 운영기술(OT)는 사람과 물리적 자산에 대한 보안에 중점을 둔다. 이러한 보안 솔루션의 요구 조건을 충족하기 위해, 산업적 사고방식, 전용 기술, 운영기술 보안에 특화된 전문성이 필요하다.
OpShield: 운영기술 환경 보안 솔루션
OpShield는 운영기술 사이버 보안 솔루션이다. OpShield는 복잡한 운영기술 네트워크를 가시적으로 보여주며, 운영기술 정책을 프로토콜 명령 수준에서 실행하며, 최소한의 혹은 운영상의 방해 없이 사용할 수 있다. OpShield는 위협적인 활동과 의도하지 않은 방해를 모니터링하고 차단하여 운영기술의 안전성과 생산성을 강화한다.
GE iFIX는 기업의 중요한 생산 데이터를 수집하고, 분석하고 공유하여 더 빠르고 나은 의사결정을 할 수 있게합니다.
Make faster, better business decisions by collecting, analyzing and sharing critical production data across your enterprise.
새롭고 스마트하며 초연결된 디바이스가 디지털 경제 시대를 이끌고 있다. 새로운 경제는 혁신을 토대로, 정보를 연료로, 산업의 리더들이 이끌고 있다.
1%의 힘
GE는 향후 15년 동안, 1%의 효율 개선으로 수 많은 산업에서 생산성 향상이 이루어져 수 조 달러의 가치가 창출될 것이라 예상한다.
연결되었다면, 보호되어야한다.
운영기술이 닫힌 시스템이라고 생각되지만, 새로운 컨트롤러의 설치와 IT 네트워크와 기존 자산의 통합으로 새로운 리스크에 노출되고 있다.
The explosion of newer, smarter and more connected devices is driving the evolution of the digital economy. It’s an economy built on innovation, fueled by information, and powered by the leaders of industry.
The power of one percent.
GE data suggests that over the next 15 years, a mere one percent improvement in industrial productivity could lead to billions of dollars in savings for the industrial sector. This translates to $8.6 trillion in gains by 2025. Connectivity offers the key to that improvement.
If it’s connected, it needs to be protected.
While many OT networks may be viewed as closed systems,
the installation of new controllers, upgrades to existing assets
and integration into broad IT networks introduces new risk.
In the rush to extract value from advanced technology,
production environments often overlook the serious
implications of a cyber security incident.
HMI/SCADA 리스크 감소
돌발적인 가동중지를 최소화하고 조직을 보호할 수 있는 핵심 단계
Decrease your HMI/SCADA risk
Key steps to minimize unplanned downtime and protect your organization
아킬레스 테스트 플랫폼(The Achilles® Test Platform)
기술이 발전하며, 더 개방되고 연결된 네트워크가 증가했다. 오일앤가스, 발전, 수처리, 화학 시설 등 핵심 시스템은 사이버 공격에 대한 위험에 기존보다 더 많이 노출되었다.
아킬레스 테스트 플랫폼은 중요한 인프라를 제작하는 기업에 중요한 도구이다. 사이버 공격으로부터 중요한 인프라를 보호할 수 있다. 아킬레스 테스트 플랫폼은 강력한 커뮤니케이션 플랫폼으로 네트워크와 운영 파라미터를 모두 모니터링하여, 취약점을 발견하고, 오류를 식별하고, 제품이 시장에 출시되기 전 수정할 수 있다.
GE Cimplicity는 이전까지 불가능했던 수준의 운영 인사이트를 제공하여 더 나은 제어와 시각화를 통해 생산성을 높이고 비용을 절감할 수 있습니다.
Enabling unprecedented insight into your operations, CIMPLICITY delivers superior control and visualization
to increase your productivity and reduce costs.
GE 월드테크는 디바이스 제조사와 시스템 운영자와 함께 사이버 위협으로부터 중요 인프라를 보호하고 있습니다.
Wurldtech, a wholly owned subsidiary of the General Electric
Company (NYSE: GE), works with device manufacturers and system operators to protect critical infrastructure against cyber threats.
IIoT-in-a-Box: Applicazioni di Internet of Things per l'automazione industriale
Presented by Andrea Ceiner, Eurotech and Barbara Angelini, IBM at SAVE 2015 in Verona (Italy)
OpShield: 운영기술 환경 보안 솔루션
OpShield는 운영기술 사이버 보안 솔루션이다. OpShield는 복잡한 운영기술 네트워크를 가시적으로 보여주며, 운영기술 정책을 프로토콜 명령 수준에서 실행하며, 최소한의 혹은 운영상의 방해 없이 사용할 수 있다. OpShield는 위협적인 활동과 의도하지 않은 방해를 모니터링하고 차단하여 운영기술의 안전성과 생산성을 강화한다.
GE iFIX는 기업의 중요한 생산 데이터를 수집하고, 분석하고 공유하여 더 빠르고 나은 의사결정을 할 수 있게합니다.
Make faster, better business decisions by collecting, analyzing and sharing critical production data across your enterprise.
새롭고 스마트하며 초연결된 디바이스가 디지털 경제 시대를 이끌고 있다. 새로운 경제는 혁신을 토대로, 정보를 연료로, 산업의 리더들이 이끌고 있다.
1%의 힘
GE는 향후 15년 동안, 1%의 효율 개선으로 수 많은 산업에서 생산성 향상이 이루어져 수 조 달러의 가치가 창출될 것이라 예상한다.
연결되었다면, 보호되어야한다.
운영기술이 닫힌 시스템이라고 생각되지만, 새로운 컨트롤러의 설치와 IT 네트워크와 기존 자산의 통합으로 새로운 리스크에 노출되고 있다.
The explosion of newer, smarter and more connected devices is driving the evolution of the digital economy. It’s an economy built on innovation, fueled by information, and powered by the leaders of industry.
The power of one percent.
GE data suggests that over the next 15 years, a mere one percent improvement in industrial productivity could lead to billions of dollars in savings for the industrial sector. This translates to $8.6 trillion in gains by 2025. Connectivity offers the key to that improvement.
If it’s connected, it needs to be protected.
While many OT networks may be viewed as closed systems,
the installation of new controllers, upgrades to existing assets
and integration into broad IT networks introduces new risk.
In the rush to extract value from advanced technology,
production environments often overlook the serious
implications of a cyber security incident.
HMI/SCADA 리스크 감소
돌발적인 가동중지를 최소화하고 조직을 보호할 수 있는 핵심 단계
Decrease your HMI/SCADA risk
Key steps to minimize unplanned downtime and protect your organization
아킬레스 테스트 플랫폼(The Achilles® Test Platform)
기술이 발전하며, 더 개방되고 연결된 네트워크가 증가했다. 오일앤가스, 발전, 수처리, 화학 시설 등 핵심 시스템은 사이버 공격에 대한 위험에 기존보다 더 많이 노출되었다.
아킬레스 테스트 플랫폼은 중요한 인프라를 제작하는 기업에 중요한 도구이다. 사이버 공격으로부터 중요한 인프라를 보호할 수 있다. 아킬레스 테스트 플랫폼은 강력한 커뮤니케이션 플랫폼으로 네트워크와 운영 파라미터를 모두 모니터링하여, 취약점을 발견하고, 오류를 식별하고, 제품이 시장에 출시되기 전 수정할 수 있다.
GE Cimplicity는 이전까지 불가능했던 수준의 운영 인사이트를 제공하여 더 나은 제어와 시각화를 통해 생산성을 높이고 비용을 절감할 수 있습니다.
Enabling unprecedented insight into your operations, CIMPLICITY delivers superior control and visualization
to increase your productivity and reduce costs.
GE 월드테크는 디바이스 제조사와 시스템 운영자와 함께 사이버 위협으로부터 중요 인프라를 보호하고 있습니다.
Wurldtech, a wholly owned subsidiary of the General Electric
Company (NYSE: GE), works with device manufacturers and system operators to protect critical infrastructure against cyber threats.
IIoT-in-a-Box: Applicazioni di Internet of Things per l'automazione industriale
Presented by Andrea Ceiner, Eurotech and Barbara Angelini, IBM at SAVE 2015 in Verona (Italy)
2018 ISPE Tieghi OT/ICS CyberSecurity per Pharma 4.0Enzo M. Tieghi
OT/ICS cyberSecurity should be one of the pillars for any Industry4.0/Pharma4.0 initiative. ISPE Italy Affiliate organized a conference at Campus Biomedico University in Rome in July 2018 on Pharma4.0. Data Integrity and Operation Continuity are requirements and Plant Floor CyberSecurity is required in digitization projects where ICS Networks should comunicate with Industrial Internet and Industrial IoT.
GE의 디지털 산업 변화 - GE's Digital Industrial Transformation PlaybookGE코리아
많은 곳에서 산업의 디지털 변화에 대해 이야기하지만, 소수의 산업기업만이 실제 변화를 겪고 있습니다. GE가 바로 그런 기업입니다. GE의 디지털 산업 변화 문서에서는 GE가 디지털 산업 변화를 경험하며 얻은 통찰, 공유, 도구, 기술 등을 전반적으로 소개합니다.
While much has been written about the digital transformation
of industry, few industrial companies have undertaken the
daunting work of actually transforming. GE has and is.
This paper provides an overview of the insights, lessons
learned, tools, and techniques that GE acquired through its
own digital industrial transformation experience.
How Java Software Re-shapes Embedded.
Good Reasons for IoT Solutions
IoT Challenges and Perceived Barriers
Legacy & Existing M2M Systems
Major Industry trends lead to M2M 2.0 and a Commodization of Distributed Systems
Mike Killian from Cisco was in attendance at Next Dimension to discuss IoT, IT/OT Convergence, and all things Smart Manufacturing. This presentation showcases the impact of Smart Manufacturing strategies as implemented across Cisco's supply chain.
IIoT solutions are providing operators with massive volumes of data while making it easier to apply them to improvements in quality and efficiency. However, the cybersecurity risk to IIoT solutions is often overlooked. Many IIoT devices reside on networks that use open connections such as Wi-Fi, cellular, or satellite. Those could inadvertently increase an ICS threat surface.
Participants in this session will learn how to configure new and existing IIoT devices in a manner that will continue providing the value of the IIoT solution while reducing the exposure to cyberattacks. Guidelines will also be provided in cases of IIoT devices, which do provide inherent security configuration options.
IoT and the Oil & Gas industry at M2M Oil & Gas 2014 in LondonEurotech
How the Internet of Things is catching up with the Oil & Gas industry.
How Eurotech's IoT architecture had its roots in the oil & gas industry, and why it is still relevant today.
Power at the edge: l'analisi del ciao di produzione previene guasti, riduce g...FaberLab
Le slide presentate da Jaume Rey (CEO, Nexional) durante il workshop "Connettere la fabbrica: le applicazioni di industria 4.0”, giovedì 12 aprile 2018, rganizzato da Faberlab il Digital Innovation Hub di Confartigianato Imprese Varese nell'ambito delle iniziative dedicate a Industria 4.0.
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)IoT613
INNOVATION AND THE INTERNET OF THINGS
IoT is shaping up to be one of the most disruptive and transformative industrial technology events in history. Analysts predict that by 2020, the data coming from tens of billions of devices will drive trillions of dollars in to the economy from new business models that make cities smarter, factories more efficient, and improve society’s overall quality of life. In this session we will take a look at how operational analytics, security concerns, and the user experience are impacting innovation around the Internet of Things.
ABOUT EMEKA
Emeka is the Senior Director for Global Alliances at Wind River, an independent subsidiary of Intel Corp. Emeka is responsible for managing Wind River’s global ecosystem of software partners, aligning them with Wind River’s go-to-market strategy for the Internet of Things and the Wind Helix product portfolio. Emeka has over 20 years of experience developing complex embedded systems and developing tools to support the development of complex embedded systems. A graduate of McGill University, Emeka enjoys cycling, running, playing tennis, jazz, travel, good food, and cheering on his daughters during their soccer matches.
Smart manufacturing is a process, not a project. Start with one machine, one cell, one line. Review what data you can collect, analyze and present, and the outcomes of possessing the resulting knowledge. If the impact is negligible, move on to something else. The data and its source are not going to disappear. Note it and come back when it is important. Read more : https://literature.rockwellautomation.com/idc/groups/literature/documents/br/smart-br001_-en-p.pdf .
Softcon Systems offers the best industrial automation solutions and is a Gold System Integrator of Rockwell Automation. Visit us : https://softcon.net.in/
OpsRamp and Mystic River are joining forces to bring you this interactive webinar. Can we create gateways between IT and OT? IT/OT convergence has been defined as the integration of information technology (IT) systems used for data-centric computing with operational technology (OT) systems used to monitor events, processes and devices and make adjustments in enterprise and industrial operations. But what this will look like and what is the new role of IT operations management? What is changing in IT and OT to align these worlds? This Tech Talk features our partner Mystic River Consulting, a firm with proven, repeatable service delivery methodologies and a proprietary platform that drives transformational IT project results, at a game changing speed. We’ll discuss the convergence of IT and OT and dive into a demonstration to show what’s possible with OpsRamp.
Watch the recording: https://www.brighttalk.com/webcast/17791/416457
Learn more at https://www.opsramp.com
Also, follow us on social media channels to learn about product highlights, news, announcements, events, conferences and more:
Twitter - https://www.twitter.com/OpsRamp
LinkedIn - https://www.linkedin.com/company/opsramp
Facebook - https://www.facebook.com/OpsRampHQ/
John kingsley OT ICS SCADA Cyber security consultantJohn Kingsley
John kingsley OT ICS SCADA Cyber security consultant
SCADA ICS Security Courses
Lack of SCADA ICS security professionals that lead to big gaps between compliance against the respected guidelines with the real situation at site. Critical needs for proper security professional in SCADA ICS
SCADA ICS Security Assurance
Ensuring the SCADA ICS environment to comply with the security requirements in order to maintain the production operations and sustain the business performance
SCADA ICS (OT) Security Services
SCADA ICS Security Services Summary
SCADA ICS Security Asset Management
SCADA ICS Security Risk Management
SCADA ICS Security Assessment
SCADA ICS Standard, Policy & Procedure Management
SCADA ICS Security Implementation
Cyber Security Services
Vulnerability Assessment
Penetration Testing
ISO 27001 Certified Management System Audit
GE 글로벌 파워플랜트 분석 보고서(GE Global Power Plant Efficiency Analysis)
GE는 현존하는 하드웨어와 소프트웨어 솔루션을 최대로 적용하여 전 세계 석탄과 가스 화력 발전소에서 배출되는 이산화탄소를 10% 가량 저감할 수 있다는 새로운 분석 결과를 발표했습니다.
이번 분석은 기존의 기술을 사용하여 발전 시설을 개선함으로써 거둘 수 있는 탄소 저감량을 세계 최초로 정량화했습니다.
[GE Innovation Forum 2015] The Future of Work in Korea by Marco AnnunziataGE코리아
[GE Innovation Forum 2015] The Future of Work in Korea by Marco Annunziata
'산업과 일의 미래 – 한국’보고서
GE수석이코노미스트 마르코 아눈지아타
The Paper of ‘The Future of Work in Korea’
by Marco Annunziata, GE Chief Economist
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
2018 ISPE Tieghi OT/ICS CyberSecurity per Pharma 4.0Enzo M. Tieghi
OT/ICS cyberSecurity should be one of the pillars for any Industry4.0/Pharma4.0 initiative. ISPE Italy Affiliate organized a conference at Campus Biomedico University in Rome in July 2018 on Pharma4.0. Data Integrity and Operation Continuity are requirements and Plant Floor CyberSecurity is required in digitization projects where ICS Networks should comunicate with Industrial Internet and Industrial IoT.
GE의 디지털 산업 변화 - GE's Digital Industrial Transformation PlaybookGE코리아
많은 곳에서 산업의 디지털 변화에 대해 이야기하지만, 소수의 산업기업만이 실제 변화를 겪고 있습니다. GE가 바로 그런 기업입니다. GE의 디지털 산업 변화 문서에서는 GE가 디지털 산업 변화를 경험하며 얻은 통찰, 공유, 도구, 기술 등을 전반적으로 소개합니다.
While much has been written about the digital transformation
of industry, few industrial companies have undertaken the
daunting work of actually transforming. GE has and is.
This paper provides an overview of the insights, lessons
learned, tools, and techniques that GE acquired through its
own digital industrial transformation experience.
How Java Software Re-shapes Embedded.
Good Reasons for IoT Solutions
IoT Challenges and Perceived Barriers
Legacy & Existing M2M Systems
Major Industry trends lead to M2M 2.0 and a Commodization of Distributed Systems
Mike Killian from Cisco was in attendance at Next Dimension to discuss IoT, IT/OT Convergence, and all things Smart Manufacturing. This presentation showcases the impact of Smart Manufacturing strategies as implemented across Cisco's supply chain.
IIoT solutions are providing operators with massive volumes of data while making it easier to apply them to improvements in quality and efficiency. However, the cybersecurity risk to IIoT solutions is often overlooked. Many IIoT devices reside on networks that use open connections such as Wi-Fi, cellular, or satellite. Those could inadvertently increase an ICS threat surface.
Participants in this session will learn how to configure new and existing IIoT devices in a manner that will continue providing the value of the IIoT solution while reducing the exposure to cyberattacks. Guidelines will also be provided in cases of IIoT devices, which do provide inherent security configuration options.
IoT and the Oil & Gas industry at M2M Oil & Gas 2014 in LondonEurotech
How the Internet of Things is catching up with the Oil & Gas industry.
How Eurotech's IoT architecture had its roots in the oil & gas industry, and why it is still relevant today.
Power at the edge: l'analisi del ciao di produzione previene guasti, riduce g...FaberLab
Le slide presentate da Jaume Rey (CEO, Nexional) durante il workshop "Connettere la fabbrica: le applicazioni di industria 4.0”, giovedì 12 aprile 2018, rganizzato da Faberlab il Digital Innovation Hub di Confartigianato Imprese Varese nell'ambito delle iniziative dedicate a Industria 4.0.
Innovation and the Internet of Things - Emeka Nwafor (Wind River Systems)IoT613
INNOVATION AND THE INTERNET OF THINGS
IoT is shaping up to be one of the most disruptive and transformative industrial technology events in history. Analysts predict that by 2020, the data coming from tens of billions of devices will drive trillions of dollars in to the economy from new business models that make cities smarter, factories more efficient, and improve society’s overall quality of life. In this session we will take a look at how operational analytics, security concerns, and the user experience are impacting innovation around the Internet of Things.
ABOUT EMEKA
Emeka is the Senior Director for Global Alliances at Wind River, an independent subsidiary of Intel Corp. Emeka is responsible for managing Wind River’s global ecosystem of software partners, aligning them with Wind River’s go-to-market strategy for the Internet of Things and the Wind Helix product portfolio. Emeka has over 20 years of experience developing complex embedded systems and developing tools to support the development of complex embedded systems. A graduate of McGill University, Emeka enjoys cycling, running, playing tennis, jazz, travel, good food, and cheering on his daughters during their soccer matches.
Smart manufacturing is a process, not a project. Start with one machine, one cell, one line. Review what data you can collect, analyze and present, and the outcomes of possessing the resulting knowledge. If the impact is negligible, move on to something else. The data and its source are not going to disappear. Note it and come back when it is important. Read more : https://literature.rockwellautomation.com/idc/groups/literature/documents/br/smart-br001_-en-p.pdf .
Softcon Systems offers the best industrial automation solutions and is a Gold System Integrator of Rockwell Automation. Visit us : https://softcon.net.in/
OpsRamp and Mystic River are joining forces to bring you this interactive webinar. Can we create gateways between IT and OT? IT/OT convergence has been defined as the integration of information technology (IT) systems used for data-centric computing with operational technology (OT) systems used to monitor events, processes and devices and make adjustments in enterprise and industrial operations. But what this will look like and what is the new role of IT operations management? What is changing in IT and OT to align these worlds? This Tech Talk features our partner Mystic River Consulting, a firm with proven, repeatable service delivery methodologies and a proprietary platform that drives transformational IT project results, at a game changing speed. We’ll discuss the convergence of IT and OT and dive into a demonstration to show what’s possible with OpsRamp.
Watch the recording: https://www.brighttalk.com/webcast/17791/416457
Learn more at https://www.opsramp.com
Also, follow us on social media channels to learn about product highlights, news, announcements, events, conferences and more:
Twitter - https://www.twitter.com/OpsRamp
LinkedIn - https://www.linkedin.com/company/opsramp
Facebook - https://www.facebook.com/OpsRampHQ/
John kingsley OT ICS SCADA Cyber security consultantJohn Kingsley
John kingsley OT ICS SCADA Cyber security consultant
SCADA ICS Security Courses
Lack of SCADA ICS security professionals that lead to big gaps between compliance against the respected guidelines with the real situation at site. Critical needs for proper security professional in SCADA ICS
SCADA ICS Security Assurance
Ensuring the SCADA ICS environment to comply with the security requirements in order to maintain the production operations and sustain the business performance
SCADA ICS (OT) Security Services
SCADA ICS Security Services Summary
SCADA ICS Security Asset Management
SCADA ICS Security Risk Management
SCADA ICS Security Assessment
SCADA ICS Standard, Policy & Procedure Management
SCADA ICS Security Implementation
Cyber Security Services
Vulnerability Assessment
Penetration Testing
ISO 27001 Certified Management System Audit
GE 글로벌 파워플랜트 분석 보고서(GE Global Power Plant Efficiency Analysis)
GE는 현존하는 하드웨어와 소프트웨어 솔루션을 최대로 적용하여 전 세계 석탄과 가스 화력 발전소에서 배출되는 이산화탄소를 10% 가량 저감할 수 있다는 새로운 분석 결과를 발표했습니다.
이번 분석은 기존의 기술을 사용하여 발전 시설을 개선함으로써 거둘 수 있는 탄소 저감량을 세계 최초로 정량화했습니다.
[GE Innovation Forum 2015] The Future of Work in Korea by Marco AnnunziataGE코리아
[GE Innovation Forum 2015] The Future of Work in Korea by Marco Annunziata
'산업과 일의 미래 – 한국’보고서
GE수석이코노미스트 마르코 아눈지아타
The Paper of ‘The Future of Work in Korea’
by Marco Annunziata, GE Chief Economist
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
GE코리아를 소개합니다. GE의 혁신, 사업, 리더십, 기업시민활동, 비전과 전략, 현지화활동, 파트너십 등 GE코리아의 모든 것을 알려드립니다.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
GE코리아를 소개합니다. GE의 혁신, 사업, 리더십, 기업시민활동, 비전과 전략, 현지화활동, 파트너십 등 GE코리아의 모든 것을 알려드립니다.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
GE LV5 1500V 태양광 인버터(LV5 1500V Solar Inverter)GE코리아
태양광발전의 미래를 견인하는 LV5 1500V 인버터
태양광은 신재생에너지원 중 기술 개발이 가장 빠르게 이루어져 지속적이고 가파른 성장이 기대되는 에너지원이다. 글로벌 산업 분석 기구 IHS는 올해 세계 태양광 시장의 전망을 전년대비 17% 증가한 67기가와트(GW)로 전망하고 있다. 국제재생에너지기구(IRENA)에 따르면 세계 태양광 발전 용량은 2030년까지 최대 2500GW까지 늘어날 전망으로, 2030년에 태양광이 세계 발전량에서 차지하는 비중은 13%로 높아질 것이라고 예상했다.
Maximizing Bankability and Productivity throughout lifetime for Utility Scale Solar PV Power Plants
LV5 1500V Solar Inverter
GE Power Conversion
국가든 기업이든 리더가 어떤 리더십을 발휘하느냐에 따라 흥망이 결정된다. 전세계 어디에 가나 리더십을 교육하는 기관들은 넘쳐나지만 인재 발굴 양성, 리더십 교육에 있어 세계 최고라는 찬사를 받고 있는 곳이 바로 GE크로톤빌이다. GE 리더십 인재양성 비결을 배우기 위해 그동안 무수히 많은 국내외 기업인들이 GE크로톤빌로 향했다. 전세계 최고 리더십 양성기관 GE크로톤빌의 라구 크리슈나무르티 원장이 지난 120여년간 GE가 세계 최고 기업중 하나로 군림하는데 결정적 역할을 한 GE 리더십 양성법에 대해 이야기한다.
- GE크로톤빌이 세계적인 리더십 양성기관이 된 비결은
- 현재 리더십은 과거의 리더십과 어떻게 다른가
- 리더십이 탁월한 사람들에게서 발견할 수 있는 공통분모는
- GE크로톤빌에서 리더십 교육을 할 때 가장 강조하는 덕목은
- 리더십을 발휘할 때 가장 커다란 장애물이 되는 것은
라구 크리슈나무르티 (GE, CLO 겸 크로톤빌 원장)
산업용 클라우드 플랫폼 - 프레딕스, Industrial cloud platform – Predix, 2016스마트공장 국제 컨퍼런스GE코리아
2016 스마트공장 국제 컨퍼런스
산업용 클라우드 플랫폼 - 프레딕스
Industrial cloud platform – Predix
"어제까지는 제조산업 기반의 회사였지만, 이제는 데이터 및 분석 회사로 거듭나야 합니다." 제프 이멜트 GE 회장 및 최고경영자
클라우드를 통해 생산현장을 개선합니다. 실제 현장 과 디지털 현장 이 서로 소통합니다. 1%의 생산성 개선으로 GE 내부적으로만 $500MM(6조원)를 절감할 수 있습니다.
GE의 스마트 공장, 생각하는 공장(Brilliant Factory) - 2016 스마트공장 국제 컨퍼런스GE코리아
2016 스마트공장 국제 컨퍼런스
GE의 스마트 공장, 생각하는 공장(Brilliant Factory)
"어제까지는 제조산업 기반의 회사였지만, 이제는 데이터 및 분석 회사로 거듭나야 합니다." 제프 이멜트 GE 회장 및 최고경영자
클라우드를 통해 생산현장을 개선합니다. 실제 현장 과 디지털 현장 이 서로 소통합니다. 1%의 생산성 개선으로 GE 내부적으로만 $500MM(6조원)를 절감할 수 있습니다.
"Brilliant Factory는 최신 기술을 사용해서 실시간으로 일관되게 운영최적화를 하고자 하는 GE의 헌신입니다. 이것은 전적으로 사고방식에 변화를 뜻합니다." Christine Furstoss, GE글로벌리서치 글로벌 기술 디렉터
산업인터넷, M2M, 머신투머신, 사물인터넷
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
[GE Innovation Forum 2015] The GE Store for Technology (한글), GE의 미래 기술 리스트GE코리아
[GE Innovation Forum 2015] The GE Store for Technology (한글), GE의 미래 기술 리스트
GE 스토어는 모든 비즈니스를 위해, 다른 어디에서도 제공할 수 없는 기술·제품 개발과 서비스를 제공할 수 있습니다.
GE글로벌리서치 연구진이 내놓는 결과물은 GE 사업부들의 실행 계획, 제품 로드맵과 직접 연관되어 있습니다. 분기마다 GE 사업부의 리더들은 GE글로벌리서치의 기술 부문 리더들과 만나 포트폴리오를 함께 검토합니다.
이 자료에서는 GE 스토어를 통해 얻어진 첨단기술의 융합이 GE 비즈니스에 어떤 새로운 가치를 주는지에 대한 구체적인 사례를 볼 수 있습니다.
GE 스토어는 저희가 진행하는 모든 것들을 이끌어주는 혁신 엔진입니다. GE 스토어를 찾아주셔서 감사합니다. 우리의 연구를 여러분과 함께 공유하고 싶습니다.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
2014 미래에너지 포럼에서 GE 오일&가스 발표 자료. 기술혁신으로 가스를 주요 자원으로 등장한 배경과 가스 생산/소비의 미래를 설명하였고, 산업인터넷, 빅데이터 등의 소프트웨어를 활용해 스마트에너지로 발전하는 GE가 제시하는 가스 산업의 미래를 설명.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
GE조선해양 비지니스를 소개합니다. 한국에는 GE의 Global Offshore & Marine 본부가 위치하여, 조선해양 비지니스를 선도하고 있습니다.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
산업인터넷, 사물인터넷, 생산성, 클라우드컵퓨팅, 웨어러블, 빅 데이터, 유저인터페이스
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
GE가 추진 중인 미래기술의 방향입니다. 크게 6개 분야로 진행중입니다. 산업인터넷, 극한의 기계, 수퍼 소재, 전천후 에너지, 생각하는 공장(Brilliant Factory) 그리고 마인드 맵핑 분야입니다. 이미 6개 분야에서 열심히 연구개발을 진행 중이라, 성과가 나온 것도 많지만 더 높은 수준까지 개발하기 위해 노력하고 있습니다.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
[GE Innovation Forum 2015] GE Technology Story (한글)GE코리아
[GE Innovation Forum 2015] GE Technology Story (한글)
‘GE이노베이션포럼 2015’에서 공식자료집과 함께 제공된 이 책자는 GE의 첨단기술에 대한 이야기를 담고 있습니다.
첨단 인프라 기술을 기반으로 한 GE만의 경쟁우위를 나타내는 개념인 GE 스토어를 중심으로, GE의 신기술을 설명합니다. GE의 기술을 통한 사회적 커뮤니케이션을 담은 스토리텔링 북인 셈입니다. 그동안 발행되었던 GE코리아의 디지털 콘텐츠를 엄선하여 간추려 정리하였습니다.
GE는 자사의 웹사이트를 다양한 기원과 형태를 지닌 GE 콘텐츠들이 있는, 흘러가는 집이라고 표현합니다. 스토리를 말하거나 쓰는 사람, 읽거나 듣는 사람들이 자유롭고 유동적으로 콘텐츠를 활용하는 것이 중요하다는 의도일 것입니다.
GE만이 들려줄 수 있는 기술친화적 스토리텔링 콘텐츠들이 더 많은 이들과 만나 새로운 아이디어나 영감으로 이어지기를 희망합니다.
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
GE ADGT (Aeroderivative Gas Turbines) Application iGas
GE코리아 뉴스레터를 구독하세요! http://goo.gl/IE8WS8
GE코리아 YouTube 채널을 구독하세요! http://goo.gl/M2gc8m
상상을 현실로 만듭니다. Imagination at work.
GE가 꿈꾸는 가치입니다. 아니, GE는 단지 꿈만 꾸고 있는 것이 아닙니다. 상상을 현실로 만들기 위해, 불가능했던 것을 가능하게 만들기 위해 쉬지 않고 움직이고 있습니다. GE는 에너지, 의료, 항공, 수송, 금융 등의 여러 분야에서 고객과 인류사회의 진보를 위해 더 편리하고 빠르며 친환경적인 솔루션을 찾아냅니다.
Connect with GE Online:
GE코리아 웹사이트: http://www.ge.com/kr/
GE리포트코리아: http://www.gereports.kr/
GE코리아 페이스북 페이지: hhttps://www.facebook.com/GEKorea
GE코리아 슬라이드쉐어: http://www.slideshare.net/GEKorea
The Internet of Things (IoT) already helps billions of people. Thousands of smart, connected devices deliver new experiences to people throughout the world. Examples include connected cars, robotic manufacturing, smarter medical equipment, smart grid, countless industrial control systems and many more. Unfortunately, this growth in connected devices brings increased security risks. Threats quickly evolve to target this rich and vulnerable landscape. Serious risks include physical harm to people, prolonged downtime, and damage to equipment such as pipelines, blast furnaces, power generation facilities etc. As several such facilities and IoT systems have already been attacked and materially damaged, security must now be an essential consideration for anyone making or operating IoT devices or systems, particularly for the industrial Internet.
How can anyone secure the IoT? IoT systems are often highly complex, requiring end-to-end security solutions that span cloud and connectivity layers, and support resource-constrained IoT devices that often aren’t powerful enough to support traditional security solutions. Security must be comprehensive or attackers simply exploit the weakest link. Of course, traditional Information Technology (IT) systems often drive and handle data from IoT systems, but IoT systems themselves have unique additional security needs.
The security solution should be powerful and easy-to-deploy foundations of security architectures to mitigate the vast majority of security threats to the Internet of Things, including advanced and sophisticated threats. This paper describes the necessity and strategies for easy and effective implementation. No single, concise document can cover all of the important details unique to each vertical. Instead, this paper attempts to provide advice applicable to all verticals, including automotive, energy, manufacturing, healthcare, financial services, government, retail, logistics, aviation, consumer, and beyond.
OT - How IoT will Impact Future B2B and Global Supply Chains - SS14Mark Morley, MBA
This presentation was originally given at an EDIFICE plenary in Brussels in May 2014. EDIFICE is a European based industry association driving B2B standards across the high tech industry. The presentation discussed digital disruption and how the Internet of Things is likely to impact future design of B2B platforms and global supply chains. - Updated March 2015
The fourth stage of the Industrial Revolution is upon us due to the far-reaching integration, accelerated by the Internet of Things, of Operational Technology (OT) and Information Technology (IT). This creates completely new opportunities as a result of new combinations of mental, physical and mechanical work by integrating the internet, sensors and embedded systems.
The Internet of Things enabled IT/OT convergence leads to cost reduction as a consequence of predictive maintenance, speed and intelligence, thanks to Machine-to-Machine communication and improved forms of Human-Machine Interaction. M2M interaction between and within machines and systems is the cyber-physical heart of the Fourth Industrial Revolution.
White Paper: IoT Security – Protecting the Networked SocietyEricsson
The Internet of Things (IoT) is expanding rapidly, and is expected to comprise 18 billion connected devices by 2022. But the assumptions of trust which formed the backdrop to the early development of the internet no longer apply in the early stages of IoT development. Privacy and security concerns are ever increasing, especially given the growing significance of IoT in corporate, government, and critical infrastructure contexts. Likewise, the commodification of IoT components incorporated across diverse product ranges and deployed in both managed and unmanaged use cases brings significant security challenges and creates potential for novel types of attack. The proactive cooperation of all key stakeholders will be necessary to realize the considerable economic benefits of the IoT, while protecting security, safety, and privacy.
Now It Is Easily To Be Maintain The Industrial Machine- Part 2Infyiot Solutions
In today’s fast-growing industrial world, the Internet of Things has emerged as a transformative force. Among its many applications, the Industrial Internet of Things stands out in improving operations and productivity to attain business growth. At the heart of this technological revolution is the IIoT Gateway, a key component that facilitates seamless connectivity by providing real-time data for machine analytics.
As early as the end of 2012, General Electric proposed that industrial equipment should be integrated with IT technology.
In 2013, General Electric officially introduced the concept of the Industrial Internet of Things revolution. This is also the first time that the Industrial Internet of Things has been formally proposed.
An Internet of Things Reference Architecture Symantec
The Internet of Things (IoT) already helps billions of people. Thousands of smart, connected devices deliver new experiences to people throughout the world, lowering costs, sometimes by billions of dollars. Examples include connected cars, robotic manufacturing, smarter medical equipment, smart grid, and countless industrial control systems. Unfortunately, this growth in connected devices brings increased security risks. Threats quickly evolve to target this rich and vulnerable landscape. Serious risks include physical harm to people, prolonged downtime, and damage to equipment such as pipelines, blast furnaces, and power generation facilities. As several such facilities and IoT systems have already been attacked and materially damaged, security must now be an essential consideration for anyone making or operating IoT devices or systems, particularly for the industrial Internet.
IBM X-Force Threat Intelligence Quarterly,
4Q 2014
Get a closer look at today’s security risks—from new threats arising from within the
Internet of Things, to the sources of malware and botnet infections.
Many consumer guides have been written outlining how Internet of Things technologies might apply to individuals’ lives, but not much exists to give executives and project managers an overview before embarking on the business of the Internet of Things (IoT) and Machine-to-Machine (M2M) communications.
That’s why Aeris has written an eBook that focuses on how the burgeoning IoT ecosystem impacts business. We know that to get started with IoT and M2M for your business, you’ll need a basic understanding of what makes it all work.
Report 3 the fourth industrial revolution - things to tighten the link betwe...Rick Bouter
This report was all about the fourth stage of the Industrial Revolution made possible by the far-reaching integration of Operational Technology (OT) and Information Technology (IT). The IT/OT convergence and the end-to-end ecosystems that are under development – from design and production to client interaction and advanced Maintenance, Repair & Overhaul (MRO) – enable a future in which appliances, devices, things and machines for professionals and private people will communicate with central systems, with one another, and with users for the purpose of providing the best possible facilities to makers, service providers, legislators and customers.
Source, Sogeti ViNT: http://vint.sogeti.com/internet-things-4-reports/
The convergence of integrated software, efficient hardware and modern networking infrastructure has created a new technology environment. Industry 4.0 sits at the convergence of these technologies and enables many industries that we actively track. Catalyst Investors’ history in software and TMT is quite relevant to Industry 4.0. We are excited to meet and partner with growth stage companies that are built as Industry 4.0 solutions from the ground up, as well as existing service businesses that can adopt Industry 4.0 technologies as an evolution.
The Internet of Things (IoT) is actively shaping both the industrial and consumer worlds. Smart tech finds its way to every business and consumer domain there is-from retail to healthcare, from finances to logistics-and a missed opportunity strategically employed by a competitor can easily qualify as a long-term failure for companies who don't innovate. Check out our latest PPT for more details.
The Internet Of Things will have an increasing impact to all industries and health and fitness are no exception. This definitive guide provides a blue print for the things we all need to keep in mind as we adopt the IOT revolution.
F5 Networks: The Internet of Things - Ready InfrastructureF5 Networks
The world of smart devices talking to each other—and to us—is well
underway and here to stay. To connect to the Internet of Things
opportunity, it’s key to design and build networking infrastructures that can handle massive amounts of new data.
Similar to 운영기술용 사이버 보안 핵심 가이드 | 월드테크(Wurldtech) (20)
약 168,000명의 직원이 전 세계 175여개 국가에서 고객, 파트너, 지역사회 및 정부와 협력하여, 에너지, 건강, 항공 분야에서 세상에서 가장 시급한 지속가능성 문제를 해결하기 위해 기술을 적용하고 혁신해왔습니다. GE 직원은 매일 더 나은 세상을 만들기 위해 도전하면서 더 연결되고, 건강하며, 지속가능한 미래를 만들기 위해 노력을 아끼지 않습니다.
Proficy Historian & Operations Hub - 통합 엔터프라이즈 데이터 관리 GE코리아
Historian은 매우 신속하게 산업데이터를 수집하고, 효율적이고 안전하게 저장하고, 배포하며, 빠른 검색 및 분석을 수행합니다.
Operations Hub는 언제 어디서나 모든 장치에서 쉽게 액세스하고 분석할 수 있는 포괄적인 정보를 제공하며, 산업용 애플리케이션(시각화, 연결, 데이터집계)을 신속하게 구축할 수 있는 개발 환경을 제공합니다.
Proficy CSense는 원시 데이터를 신속하게 비즈니스 가치로 전환하여, 기업이 비용을 절감할 수 있도록 지원합니다. Proficy CSense는 엔지니어와 데이터 과학자들에게 설정값에 대한 실시간 분석, 모니터링, 예측, 시뮬레이션, 최적화 및 제어 기능 등 한 패키지에 고유한 다섯 가지 분석 기능을 제공합니다.
GE애디티브는 2016년 9월에 출범했습니다. 금속 3D 프린터와 프로토타입과 서비스, 프린터에 사용되는 재료의 판매, 그리고 애드웍스™ (AddWorks™) 컨설팅 서비스를 제공하며, 고객의 사업에 적층제조 기술의 도입•보급을 가속화하는 데 앞장 서고 있습니다.
GE는 적층제조 기술의 가능성을 그 누구보다 빨리 이해하여, 전략적으로 자사 제품의 기획, 설계, 개발, 시제품 제작, 양산까지 적층제조 기술을 도입했습니다.
스스로 적층제조 기술로 부품을 개발하고 양산함으로써, 설계 엔지니어가 마주한 다양한 설계 제약에서 해방시켰을 뿐 아니라, 내구성이 뛰어난 경량의 고기능성 제품을 저비용으로 만들 수 있음을 입증했습니다.
GE는 적층제조 기술의 발전을 위해, 이 분야의 전문가들을 한 곳에 모은 네트워크를 적극적으로 구축해 왔습니다.
컨셉 레이저, 아캄, AP&C의 노하우와 GE의 재료과학과 적층제조 기술을 결합시켜, GE의 여러 사업부는 새로운 서비스와 적용 사례를 개발할 수 있었고, 이는 다수의 특허 기술 개발로 이어졌습니다.
GE애디티브는 지금까지 축적한 노하우와 기술의 무한한 가능성에 확신을 갖고, 적층제조 기술의 보급을 통해 제조업 혁신을 이끌어 가고자 합니다.
How to Uncover Successful Additive Applications that Lead to Profitable GrowthGE코리아
What is additive manufacturing?
3D PRINTING
Additive manufacturing, also knows as 3D printing, is a process that creates a physical object from a digital design file.
Additive manufacturing enables engineers to design parts, systems and shapes once thought
impossible to make. Additive manufacturing allows for complex design geometries, making products that are lighter, stronger and more efficient, revolutionizing products in many industries.
Why additive …
Expands what is possible … opens up new engineering capabilities and business opportunities to optimize part & system designs in a way we cannot with traditional manufacturing processes
Improves quality … eliminates design trade offs; reduced defect opportunities, digital v. analog control, reduced anomaly size and frequency v. traditional castings Simplifies systems … more robust designs, reduced part counts, reduced braze/weld/rivet/bolted joints and assemblies; optimized systems
LOGIQ E10 으로 당신의 전문성을 지원하고 실무를 다음 단계로 나아가도록 돕고 싶습니다. 이 플랫폼은 향상된 이미징, 고급 도구 및 향상된 워크 플로우를 제공하므로 의사는 광범위한 조건에서 환자를 검색하고 진단하며 치료할 수 있습니다. LOGIQ E10 을 사용하면 간결한 워크 플로우로 포괄적인 도구를 사용해 진단할 수 있습니다
GE Additive, 21st century Paradigm Shifter - Use cases in GEGE코리아
GE는 최근 20년 이상 적층제조 기술의 연구개발에 투자해왔고, GE의 사업부 내부에서 실제 적층제조 기술을 구현 및 적용했습니다. 성과는 놀라웠죠. 이제 GE는 GE의 고객들과 함께 적층제조를 통한 제조업 혁신과 성공의 길을 가려 합니다.
GE애디티브(GE Additive) 사업부는 GE의 고객 기업들에게 적층제조 기계, 재료, 컨설팅 서비스를 제공합니다. 독일 뮌헨과 미국 피츠버그에 새로 생긴 고객체험센터(CEC, Customer Experience Center)에서는 고객에게 적층제조 기술 분야를 더 효과적으로 지원하고 있습니다.
GE Additive is part of GE, the world’s Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. GE Additive includes additive machine providers Concept Laser and Arcam, along with additive materials provider AP&C.
GE 에너지모니터링시스템(EMS), 2018평창동계올림픽대회의 원활한 전력운영 지원GE코리아
GE 에너지모니터링시스템(EMS)
2018평창동계올림픽대회의 원활한 전력운영 지원
GE의 혁신적인 디지털산업기술이 에너지모니터링시스템(EMS)를 통해 올림픽에 최초로 적용됩니다. 2018 평창동계올림픽대회가 개최될 16개 대회 시설의 전력 사용량과 공급 상태를 실시간으로 확인하고 관리하는 디지털스레드 역할을 합니다. 이를 통해 올림픽 경기장과 경기 운영, 중계 방송 송출을 비롯해 전력이 필수적인 모든 과정에서 문제의 원인을 신속하게 진단하고 해결할 수 있도록 돕습니다.
GE 이노베이션 포럼 2017 LIVE 발표자료 - 빌 루 GE 최고디지털책임자 겸 GE Digital 사장GE코리아
GE이노베이션 포럼 2017 LIVE 발표자료
빌 루 (Bill Ruh) : GE 최고디지털책임자 겸 GE Digital 사장
Becoming Digital Industrial
GE Innovation Forum 2017 Live
전 세계적으로 4차 산업혁명이라는 혁신의 물결이 거세게 확산되고 있는 가운데, 한국제조업의 위기감은 점점 높아지고 있습니다. 사물인터넷과 빅데이터, 인공지능(AI) 등 첨단 IT 기술 융합이 이뤄지면서 국내 제조업은 더욱 큰 변화의 시기를 지나고 있습니다. 이러한 변화 속에서 기업이 생존하기 위해 디지털 트랜스포메이션을 통한 한국제조업 생산성 혁신과 디지털 시대에 어울리는 강력한 조직문화 구축이 요구되고 있습니다.
실시간 스트리밍으로 진행되는 이번 GE 이노베이션포럼 라이브에서는 디지털 산업 시대를 선도하고 있는 GE 최고디지털책임자(CDO) 빌 루(Bill Ruh)와, 국내 산업 혁신 전문가인 임채성 한국 인더스트리4.0 협회장을 초청, 특별 대담을 통해 이러한 급격한 변화의 분기점에서 한국제조업의 디지털 트랜스포메이션 현황과 과제를 집어보고, 불확실한 환경 속에서 앞으로 국내 제조 산업이 나아갈 방향에 대해서 집중 조명을 하고자 합니다.
주제 : 디지털 트랜스포메이션을 통한 한국제조업 생산성 혁신
* 연사
- 빌 루 (Bill Ruh) : GE 최고디지털책임자 겸 GE Digital 사장
- 임채성 : 한국 인더스트리4.0협회장 및 건국대 경영대학 기술경영학과 교수
GE 이노베이션 포럼 2017 LIVE 발표자료 - 임채성 한국 인더스트리4.0협회장 및 건국대 경영대학 기술경영학과 교수GE코리아
GE이노베이션 포럼 2017 LIVE 발표자료
임채성 : 한국 인더스트리4.0협회장 및 건국대 경영대학 기술경영학과 교수
Digital Transformation of Korean Manufacturers Today and Challenges
GE Innovation Forum 2017 Live
전 세계적으로 4차 산업혁명이라는 혁신의 물결이 거세게 확산되고 있는 가운데, 한국제조업의 위기감은 점점 높아지고 있습니다. 사물인터넷과 빅데이터, 인공지능(AI) 등 첨단 IT 기술 융합이 이뤄지면서 국내 제조업은 더욱 큰 변화의 시기를 지나고 있습니다. 이러한 변화 속에서 기업이 생존하기 위해 디지털 트랜스포메이션을 통한 한국제조업 생산성 혁신과 디지털 시대에 어울리는 강력한 조직문화 구축이 요구되고 있습니다.
실시간 스트리밍으로 진행되는 이번 GE 이노베이션포럼 라이브에서는 디지털 산업 시대를 선도하고 있는 GE 최고디지털책임자(CDO) 빌 루(Bill Ruh)와, 국내 산업 혁신 전문가인 임채성 한국 인더스트리4.0 협회장을 초청, 특별 대담을 통해 이러한 급격한 변화의 분기점에서 한국제조업의 디지털 트랜스포메이션 현황과 과제를 집어보고, 불확실한 환경 속에서 앞으로 국내 제조 산업이 나아갈 방향에 대해서 집중 조명을 하고자 합니다.
주제 : 디지털 트랜스포메이션을 통한 한국제조업 생산성 혁신
* 연사
- 빌 루 (Bill Ruh) : GE 최고디지털책임자 겸 GE Digital 사장
- 임채성 : 한국 인더스트리4.0협회장 및 건국대 경영대학 기술경영학과 교수
GE는 어떻게 차기 CEO를 선출하는가
GE 이사회의 CEO 승계 프로세스
오늘날 기업 환경은 더 나은 리더십을 요구한다. 현 시대에 가장 적합한 리더는 복잡한 상황에서 조직을 운영하고 혼돈을 기회로 바꿀 수 있는 인재다. 이를 위해 용기, 투지, 유연함이 필요하다. GE는 이러한 관점에서 후임 CEO 선정 프로세스를 구축했고 이사회가 이에 따라 결정했다. GE의 최고경영자 승계 과정은 신중이라는 한 단어로 표현하기에도 부족하다. 6년 이상의 끈질기고 고도로 집중된 노력의 결과다. 구체적으로 어떤 과정이었을까?
GE이노베이션 포럼 2016
‘주식회사 한국’의 혁신 돌파
‘주식회사 한국’의 혁신을 통해 4차 산업혁명의 글로벌 패러다임 전환기를 함께 돌파합시다
21세기 한국 기업의 지속 성장의 길을 함께 모색하는 ‘GE이노베이션 포럼 2016’에 오신 것을 환영합니다.
GE는 4차 산업혁명이라는 글로벌 패러다임 전환기를 맞아 ‘주식회사 한국’의 혁신 돌파 아이디어를 논의 모색할 ‘GE이노베이션 포럼2016’을 개최합니다. 이 행사는 GE가 실시한 '2016 GE글로벌혁신지표’
조사에 나타난 한국 기업의 혁신 추진 현황을 배경으로, 한국이 당면한 혁신 과제 해결을 위해 GE의 글로벌 리더와 국내외 파트너들이 함께 지혜를 모으는 자리입니다.
GE Innovation Forum 2016
- Innovation Breakthrough for Korea Inc.
Please join us on our journey in pursuing innovations for Korea Inc. to create a breakthrough for the 4th industrial revolution
Welcome to ‘GE Innovation Forum 2016’, a collaborative event where we invite our Korean partners to explore ideas for the sustainable growth of Korean industries in the 21st century. ‘GE Innovation Forum 2016’ seeks breakthrough innovations for Korea Inc. as the world enters a new paradigm of the 4th industrial revolution. Global leaders from GE and Korea have
joined in the forum to look into Korea’s current status in innovation and the key challenges the country faces that were found from the comprehensive global research, the ‘GE Global Innovation Barometer 2016’. We will also share ideas and insights on how Korea can address those challenges and trigger innovation, especially by utilizing the Industrial Internet in the manufacturing sector.
GE이노베이션 포럼 2016
‘주식회사 한국’의 혁신 돌파
‘주식회사 한국’의 혁신을 통해 4차 산업혁명의 글로벌 패러다임 전환기를 함께 돌파합시다
21세기 한국 기업의 지속 성장의 길을 함께 모색하는 ‘GE이노베이션 포럼 2016’에 오신 것을 환영합니다.
GE는 4차 산업혁명이라는 글로벌 패러다임 전환기를 맞아 ‘주식회사 한국’의 혁신 돌파 아이디어를 논의 모색할 ‘GE이노베이션 포럼2016’을 개최합니다. 이 행사는 GE가 실시한 '2016 GE글로벌혁신지표’
조사에 나타난 한국 기업의 혁신 추진 현황을 배경으로, 한국이 당면한 혁신 과제 해결을 위해 GE의 글로벌 리더와 국내외 파트너들이 함께 지혜를 모으는 자리입니다.
GE Innovation Forum 2016
- Innovation Breakthrough for Korea Inc.
Please join us on our journey in pursuing innovations for Korea Inc. to create a breakthrough for the 4th industrial revolution
Welcome to ‘GE Innovation Forum 2016’, a collaborative event where we invite our Korean partners to explore ideas for the sustainable growth of Korean industries in the 21st century. ‘GE Innovation Forum 2016’ seeks breakthrough innovations for Korea Inc. as the world enters a new paradigm of the 4th industrial revolution. Global leaders from GE and Korea have
joined in the forum to look into Korea’s current status in innovation and the key challenges the country faces that were found from the comprehensive global research, the ‘GE Global Innovation Barometer 2016’. We will also share ideas and insights on how Korea can address those challenges and trigger innovation, especially by utilizing the Industrial Internet in the manufacturing sector.
The Marine industry faces substantial pressure: global trade has decelerated and commodity prices have declined, just as a prolonged shipbuilding cycle resulted in signifi cant overcapacity. The ensuing struggle for market share, via fi ercer competition and consolidation, underscores the need for greater effi ciency in shipping. Marine offshore is also under pressure, as the sharp decline in oil prices has changed the economics of the oil and gas industry. At the same time, large cohorts of experienced workers are set to retire in the next 5-10 years, posing the risk of a shortage of critical skills.
Cracking the Workplace Discipline Code Main.pptxWorkforce Group
Cultivating and maintaining discipline within teams is a critical differentiator for successful organisations.
Forward-thinking leaders and business managers understand the impact that discipline has on organisational success. A disciplined workforce operates with clarity, focus, and a shared understanding of expectations, ultimately driving better results, optimising productivity, and facilitating seamless collaboration.
Although discipline is not a one-size-fits-all approach, it can help create a work environment that encourages personal growth and accountability rather than solely relying on punitive measures.
In this deck, you will learn the significance of workplace discipline for organisational success. You’ll also learn
• Four (4) workplace discipline methods you should consider
• The best and most practical approach to implementing workplace discipline.
• Three (3) key tips to maintain a disciplined workplace.
Falcon stands out as a top-tier P2P Invoice Discounting platform in India, bridging esteemed blue-chip companies and eager investors. Our goal is to transform the investment landscape in India by establishing a comprehensive destination for borrowers and investors with diverse profiles and needs, all while minimizing risk. What sets Falcon apart is the elimination of intermediaries such as commercial banks and depository institutions, allowing investors to enjoy higher yields.
Company Valuation webinar series - Tuesday, 4 June 2024FelixPerez547899
This session provided an update as to the latest valuation data in the UK and then delved into a discussion on the upcoming election and the impacts on valuation. We finished, as always with a Q&A
The key differences between the MDR and IVDR in the EUAllensmith572606
In the European Union (EU), two significant regulations have been introduced to enhance the safety and effectiveness of medical devices – the In Vitro Diagnostic Regulation (IVDR) and the Medical Device Regulation (MDR).
https://mavenprofserv.com/comparison-and-highlighting-of-the-key-differences-between-the-mdr-and-ivdr-in-the-eu/
At Techbox Square, in Singapore, we're not just creative web designers and developers, we're the driving force behind your brand identity. Contact us today.
[Note: This is a partial preview. To download this presentation, visit:
https://www.oeconsulting.com.sg/training-presentations]
Sustainability has become an increasingly critical topic as the world recognizes the need to protect our planet and its resources for future generations. Sustainability means meeting our current needs without compromising the ability of future generations to meet theirs. It involves long-term planning and consideration of the consequences of our actions. The goal is to create strategies that ensure the long-term viability of People, Planet, and Profit.
Leading companies such as Nike, Toyota, and Siemens are prioritizing sustainable innovation in their business models, setting an example for others to follow. In this Sustainability training presentation, you will learn key concepts, principles, and practices of sustainability applicable across industries. This training aims to create awareness and educate employees, senior executives, consultants, and other key stakeholders, including investors, policymakers, and supply chain partners, on the importance and implementation of sustainability.
LEARNING OBJECTIVES
1. Develop a comprehensive understanding of the fundamental principles and concepts that form the foundation of sustainability within corporate environments.
2. Explore the sustainability implementation model, focusing on effective measures and reporting strategies to track and communicate sustainability efforts.
3. Identify and define best practices and critical success factors essential for achieving sustainability goals within organizations.
CONTENTS
1. Introduction and Key Concepts of Sustainability
2. Principles and Practices of Sustainability
3. Measures and Reporting in Sustainability
4. Sustainability Implementation & Best Practices
To download the complete presentation, visit: https://www.oeconsulting.com.sg/training-presentations
Improving profitability for small businessBen Wann
In this comprehensive presentation, we will explore strategies and practical tips for enhancing profitability in small businesses. Tailored to meet the unique challenges faced by small enterprises, this session covers various aspects that directly impact the bottom line. Attendees will learn how to optimize operational efficiency, manage expenses, and increase revenue through innovative marketing and customer engagement techniques.
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
Personal Brand Statement:
As an Army veteran dedicated to lifelong learning, I bring a disciplined, strategic mindset to my pursuits. I am constantly expanding my knowledge to innovate and lead effectively. My journey is driven by a commitment to excellence, and to make a meaningful impact in the world.
LA HUG - Video Testimonials with Chynna Morgan - June 2024Lital Barkan
Have you ever heard that user-generated content or video testimonials can take your brand to the next level? We will explore how you can effectively use video testimonials to leverage and boost your sales, content strategy, and increase your CRM data.🤯
We will dig deeper into:
1. How to capture video testimonials that convert from your audience 🎥
2. How to leverage your testimonials to boost your sales 💲
3. How you can capture more CRM data to understand your audience better through video testimonials. 📊
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...BBPMedia1
Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.
Affordable Stationery Printing Services in Jaipur | Navpack n PrintNavpack & Print
Looking for professional printing services in Jaipur? Navpack n Print offers high-quality and affordable stationery printing for all your business needs. Stand out with custom stationery designs and fast turnaround times. Contact us today for a quote!
3. Wurldtech Executive Guide 3
Table of Contents
Unleashing the Opportunity of the Industrial Internet_____ 4
Securing the Industrial Internet ______________________ 7
Critical Infrastructure:
an Aptly-Named Segment__________________________ 10
Vast Differences Between IT
and OT Cyber Security_____________________________ 16
When Facing Dangerous Enemies,
Call the Professionals______________________________ 20
OT Security: Where to Start_________________________ 25
Summary________________________________________ 28
4. Wurldtech Executive Guide 4
In 2000, analyst firm Frost & Sullivan coined a term to describe the growth of integrating
machines used in industrial settings with Internet-connected sensors and software that collect
data from machines, examine the data and then apply it to operations to improve efficiencies.
They called it the Industrial Internet.
Consider it the Industrial Age meets the Information Age, where physical and cyber
collide; where the Internet intersects with our basic human needs—like water,
transportation, healthcare, energy. It’s where industrial enterprises are seeing the potential
life-changing benefits that enhanced intelligence and connectivity can bring to critical
control systems.
The Industrial Internet is already transforming global industry and infrastructure—
with the driving force behind this inevitable evolution being the promise of efficiency,
data management, productivity, and superior safety. By 2020, an estimated 50 billion
machines will be connected to the Internet. Through accelerated productivity growth,
this digital migration could boost global gross domestic product (GDP) by as much as
$15 trillion by 2030.
1
That’s why, in the context of the Internet of Things (IoT), we call this the Internet of really
important things.
Unleashing the Opportunity
of the Industrial Internet
5. Wurldtech Executive Guide 5
Connecting to the Internet is an unavoidable
reality of business, and only those who adapt
and evolve will be able to advance and continue
to compete in the modern world. That means
optimizing for the digital age and moving
process equipment online. While it can feel risky,
and change can be tough, great value (e.g.,
increased revenues, lowered costs, enhanced
automation) can come from embracing the
evolution, thoughtfully and securely.
Despite the fact the Industrial Internet is here to
stay, it is, most importantly, where companies
will find the best opportunity for growth today—
and maybe the only opportunity. Already, the
Industrial Internet is saving billions of dollars
each year across the industrial world through
efficiencies created by Internet connectivity,
insight, and innovation.
Data by GE shows that by bringing together
digital technology with its domain expertise across
industries such as aviation, energy, healthcare and
transportation, customers can achieve a potential
20 percent increase in performance.
2
Think about it: A more digital oil field means
better asset management and more productivity
at every well. A more digital hospital means
better, faster, more efficient healthcare. A more
digital rail system means freight is delivered
faster and at lower cost.
Believe it or not, you’re
already online
The Industrial Internet opportunity is staggering,
and many leading industrial firms are investing
to capitalize on its benefits. Gartner estimated
in late 2014 that manufacturing, utilities, and
transportation would be the top three verticals
using IoT in 2015. Together, they would represent
736 million connected things in use. By 2020,
utilities will move into the top position, followed
by manufacturing and government, with a total
of 1.7 billion IoT units installed.3
With an increasing number of interconnected
devices helping to automate and manage
operations comes greater security needs. Cyber
security is in the news on a daily basis. It’s top of
mind. People want to know: Is their medical data
private? Is their bank information safe? Is their
credit card secure?
But when it comes to the industrial sector, why
are so few asking about industrial cyber security?
Could it be that they don’t know what to ask?
In the industrial sector, there are two camps
when it comes to online connectivity. The first
camp is connected to the Internet, knowingly,
purposefully, and with the ability to reap the
manifold benefits of that reality. The second is
also connected to the Internet, but unknowingly
and to the possible detriment to business and
safety. Both need protection.
There was a time when connectivity outside
an immediate plant or factory network wasn’t
possible and control engineers addressed
security issues with air gapping—a strategy
Digital technology
combined with industrial
expertise could achieve a
20% performance increase.
6. Wurldtech Executive Guide 6
to physically isolate a secure network from
unsecured networks. By definition, an air
gapped system is neither connected to the
Internet nor any other system. Air gapping as
a strategy, however, now seems questionable.
There was a time, too, in the 1930s, when
France constructed the Maginot Line—a line
of fortification stretching from Switzerland to
Luxembourg. The French heavily fortified the line
on the German border. Unfortunately, they left
the Belgian border weakly fortified, leaving
a back door for Hitler to exploit. France fell in
less than six weeks.
Somewhat analogous to air gaps, the line was
impressive and may have seemed impenetrable,
but, in the end, was ineffectual against new
warfare tactics and technology. Similarly, an air
gap strategy presents an inherent risk. Not only
are those that use one left unprotected from
nefarious outsiders, but they’re also defenseless
against deliberate or unintentional insider mishaps.
The Maginot Line illustration also reinforces
another critical point: much like the Belgian back
door to France, back door vulnerabilities exist
in operational technology, too. It’s critical to be
aware of the various access points to operational
technology and the lack of fortification often
found at these access points.
Companies must realize the value—from
business, maintenance, and equipment vendor
perspectives—of connecting systems and having
routable access between enterprise and the control
systems. They must also accept that malware
has been developed—think Flame, Stuxnet, and
BlackEnergy—to circumvent air gaps.
With something as simple as a flash drive or
Wi-Fi connection, a malicious or inexperienced
insider could infiltrate and infect critical systems.
And finally, they need to fully understand
what’s happening in their networks in order to
protect them.
Security waits for no one,
so don’t wait for security
It’s time to fully realize the benefits of the
Industrial Internet—securely. Engage early with
industrial security specialists who can help
identify security weaknesses, prioritize areas
for improvement, mitigate immediate risks,
and reduce the overall attack surface of your
network. Select a firm that can provide guidance
in implementing purpose-built solutions for
industrial and process control environments
that can scale to accommodate complex ICS
and SCADA systems and provide full network
visibility, control, and protection.
Designed for the operational technology sector,
these solutions should be able to inspect and
control traffic that runs across distributed controls
systems (DCSs), programmable logic units (PLUs),
and other industrial devices at the application
command level, as well as detect and block
unauthorized activity. They should also interoperate
with traditional or next-generation firewalls to
provide the right design for your IT–OT security
transition zone and best protect your processes and
control systems—all without the need for network
re-engineering or downtime.
Key Insights
• The Industrial Internet creates
tremendous opportunity for
efficiency, productivity and safety
• You are already connected
• Air gapping no longer exists
• Steps should be taken to reduce
overall attack surface of the OT
network
7. Wurldtech Executive Guide 7
While related and often used interchangeably, the Industrial Internet and the Internet of
Things (IoT) are not one and the same. The former is more specific and a subset of
the latter. While IoT connects “everything” (and most commonly refers to consumer devices
like cell phones, fitness wearables, smart meters, etc.), the Industrial Internet represents the
convergence of industrial machines, data, and the Internet.
It’s where the Internet intersects with our basic human needs, such as water,
transportation, healthcare, and energy; and where industrial enterprises are seeing the
potential life-changing benefits that enhanced intelligence and connectivity can bring
to their critical industrial control systems (ICS), including supervisory control and data
acquisition (SCADA) and distributed control systems (DCS).
Beyond IoT’s convenience, what’s driving the inevitable evolution toward the Industrial
Internet is the promise of asset availability, efficiency, and safety. That and the fact that
connecting to the Internet has become an unavoidable reality of business.
By converging global industrial systems with the power of advanced computing,
analytics, automation, and connectivity, the Industrial Internet is allowing companies—in
healthcare, transportation, and energy—to make significant operational improvements
and to better compete in the modern world.
Securing the Industrial Internet
8. Wurldtech Executive Guide 8
Don’t be too late
While time and money gains make for attractive
incentives to join the connected world, it makes
sense, too, that industrial companies may be
reluctant to make changes that could impact
the integrity and availability of critical assets and
systems. Especially when this new world might
feel a bit like Alice falling down the rabbit hole into
Wonderland—what’s big is small and small is big
and everything has been turned on its head.
But unlike the White Rabbit who fears he “shall
be too late,” companies have an opportunity
to be on time to securing their future. It comes
down to making the necessary changes to
accept the invitation and the need for change.
Thing is, industrial device lifecycles are measured
in decades and, as a whole, lack today’s security
requirements. Take, for example, nuclear
weapons management. It’s based on 1960s
technology and, while it works efficiently and has
thankfully been very secure, the task of bringing
it fully into the 21st century has been daunting
and difficult. That goes for all sorts of other
legacy and perhaps more mundane industrial
sector systems and infrastructures.
For the first time, oil rigs and factories and
refineries are sending mission-critical data
beyond their physical perimeters, as well
as inviting modern performance-enhancing
solutions to advance their business. They’re
making the cyber transition, but as they do,
they cannot leave their systems vulnerable to
theft and vandalism.
Industrial efficiency vs.
industrial security
As physical and cyber befriend one another, so,
too, must efficiency and security. The two need
not be at odds and, in fact, companies should
factor both into the production cost-benefit
equation sooner rather than later. But before
they can secure anything, they need to know
what that “anything” is.
One major constraint to protecting industrial
systems—even for industrial companies
themselves—is a misunderstanding of the
difference between IT (information technology)
and OT (operational technology). It remains a
hazy area in terms of if and how the two overlap,
where they diverge, and who, with regard
to internal security teams, is responsible for
securing what.
Here’s an easy—if overly simplistic—way to think
about it. IT stores, retrieves, transmits, and
manipulates data. OT uses that data to monitor,
control, and operate physical devices, processes,
and events. In the past, OT systems were not
connected to the Internet. Today, everything’s
One major constraint
to protecting
industrial systems is a
misunderstanding of the
difference between IT
(information technology)
and OT (operational
technology).
9. Wurldtech Executive Guide 9
changing and, because of that, not only must
new OT vulnerabilities be addressed, but
companies must decide who’s to address
them and how.
Confidentiality
vs. integrity breaches
The difference between a confidentiality and
an integrity breach in the industrial space is
significant. Compromises to IT systems can
mean loss of data or damage to corporate brand,
reputation, and profits. In an OT environment,
by contrast, breaches can have disastrous
consequences, with attacks resulting in the
breakdown of nuclear systems, rail management
systems, and other systems critical for smooth
societal functioning.
Take, for example, an airplane. A confidentiality
breach of its data system may result in a hacker
getting his hands on a passenger manifest.
During an integrity breach of a control system,
however, a pilot’s navigation panel could start
to show that the plane is traveling higher than it
actually is. While data theft is extremely serious,
loss of altitude (and safety) or possibly life
trumps all.
Safety must be job one
Today’s industrial organizations take safety
seriously and have reduced people risks. But
as the world rapidly connects devices and
machines, it’s time to assess security weak
nesses as the first step toward ensuring better
protection of people, processes, technology,
and intellectual property.
In an OT environment,
breaches can have
disastrous consequences.
10. Wurldtech Executive Guide 10
Aquick review of history reveals many a rise and fall—and in the best cases, rise again—
of industry-changing global brands. But in too many cases, changing industry dynamics
have felled a large number of major corporations. A missed cue here, a misread trend there,
or simply changing too slowly to correct course can have disastrous effects. In fact, Fortune
magazine compared FORTUNE 500 firms listed in 1955 versus those listed in 2014. Nearly
90 percent of companies on the 1955 listing are now gone!
Companies must move and optimize for
the times. And today, that means greater
connectivity. While that can feel risky and
change can be tough, great value (e.g.,
increased revenues, lowered costs) can come
from embracing it, thoughtfully and securely,
rather than resisting, avoiding, delaying, or
ignoring it.
Critical Infrastructure:
an Aptly-Named Segment
Companies must move
and optimize for the times.
Today, that means greater
connectivity.
11. Wurldtech Executive Guide 11
Executive tips for securing
operational technology
In September 2015, the Department of Homeland
Security (DoH) published a fact sheet: ICS
Cybersecurity for the C-Level. It entreats C-level
executives in the industrial sector to put cyber
security at the forefront of their plans, while also
offering up some basic practical advice.
It speaks of the growing rate and sophistication
of malware attacks, citing Havex and
BlackEnergy as examples. Havex, which operates
as a Remote Access Trojan (RAT), can inject
unauthorized control commands onto ICS/
SCADA devices and cause denial of service
in critical infrastructure (e.g., water, energy);
BlackEnergy, another trojan-type bug, can
compromise Human Machine Interface (HMI)
software to gain access to control systems.
The DoH fact sheet lists six questions that
every C-level executives should be asking
about cyber security.
The 6 questions are:
• What assets are at risk?
• What are potential consequences of
a compromise?
• Who’s ultimately responsible for
cyber security?
• Is your ICS environment protected from
the Internet?
• Do you have remote access to your ICS
environment? If so, how is that monitored
and protected?
• Are you keeping current on recommended
cyber security best practices?
It also provided corresponding risk management
concepts or strategies, advising organizational
leadership to:
• Identify critical assets and perform a cyber
security risk assessment.
• Assign a cyber security expert to set policies
and enforce monitoring.
• Protect your network by NOT connecting to
the Internet.
• Secure remote access via multiple defense
layers (e.g., two-factor authentication, VPNs).
• Join the ICS-Cert Portal for alerts and
incident reporting.
12. Wurldtech Executive Guide 12
How bad things can happen
Looking at the DoH risk-management concept
list, one thing is not like the others—NOT being
the operative word.
The use of all caps by the DoH must have been
for emphasis. As if the author wanted to be
certain there was no misunderstanding. While
isolating an industrial system from the Internet
may be a security technique, should it be
considered best practices? In this case, the DoH
guidance seems not only overly simplistic advice,
but also naïve.
In this day and age, not connecting to the
Internet is like telling someone the only way to
avoid getting in a car accident is to not get in a
car. Sure, that might work, but then where are
you? Back in the 19th century? Forget all the
advances the car industry has made in terms of
safety. Heck, just don’t ever drive or go for a ride
again. Wouldn’t it, as a best practice, be better
to recommend use of seatbelts, going the speed
limit, taking a driver’s ed refresh, etc.?
Playing it safe is always a good plan, but living
in a non-Internet-connected world is not. Even if
organizations think they aren’t connected to the
Internet, they are. In some way. So more prudent
advice would be to embrace and prepare for that
truth (and its benefits) with the right people, the
right tools, and the right training.
OT security and IT
security: differences and
opportunities
OT security and IT security are different, in several
ways. But the most significant difference can be
shown in terms of attack outcomes. An attack on IT
could lead to data theft (ones and zeros); an attack
on OT could affect the physical world (people,
environment, assets). It’s a serious distinction.
In this day and age, not
connecting to the Internet
is like telling someone the
only way to avoid getting
in a car accident is to not
get in a car.
13. Wurldtech Executive Guide 13
But while different, it is important to note that
IT and OT security do overlap and converge. In
fact, Gartner has an 80/20 rule-of-thumb4
that
says 80 percent of the security issues faced by
OT are almost identical to IT (due to OT adopting
IT technologies over time), while 20 percent are
unique, not to be ignored, and critical (people,
environment, assets).
Let’s break this down a bit and look at each
according to: security and safety priorities, threat
types, vulnerability lifecycles, air gapping and
segmentation, available solutions, and staffing.
Security and safety priorities:
CIA versus CAIC
In terms of security priorities, we can illustrate
with CIA versus CAIC. Thanks to the likes of
spy thrillers like James Bond and Jason Bourne,
most folks see CIA and think Central Intelligence
Agency. But in the IT world, CIA is the gold
standard triad that drives security decisions and
design policies. Ranked in order of priority, it
stands for confidentiality, integrity, and availability.
By contrast, the OT benchmark is CAIC, standing
for control, availability, integrity, and confidentiality.
As is evident, OT cares about the same security
properties, but ranks them differently and with
safety forever being the top priority.
Availability, for instance, becomes more
important than confidentiality because of the
nature of processes and the impact that shutting
down and restarting systems can have on
productivity. In some industries, shut down
and restart procedures can take days.
Control, the added property, refers to the ability
to control a process and change a state when
needed and in a safe and secure manner. Because
it can impact people, safety, and assets, it has
to be the highest priority when considering the
attack surface of any system.
Staffing skills for IT and OT
As with any emerging technology discipline,
staffing can be a challenge. Most often, there
is a clear demarcation between those who
understand IT and those who understand
control systems. The primary responsibility of
IT is service delivery, often measured in service
level agreements. The primary responsibility of
OT is proper physical asset operations.
When OT security fails,
a digital attack can have
physical repercussions.
CAICCIA vs
CONFIDENTIALITY
INTEGRITY
AVAILABILITY
CONTROL
AVAILABILITY
INTEGRITY
CONFIDENTIALITY
14. Wurldtech Executive Guide 14
In the IT realm, there’s generally more cyber
security specialization. People have been
specifically trained in application security or
network security or encryption or any number of
other important disciplines.
In OT, those tasked with security are usually
operational technology people. As part of their
day job, they have to deal with security, too. It’s
been an add-on, and not a specialization.
To achieve effective security, IT and OT can
no longer be siloed functions; they must align.
This makes collaboration and cross training
essential. OT should have access to IT expertise,
and IT must understand the needs of OT. If
need be, they can start by focusing on baseline
security such as identity and access control,
asset management, and change management.
Threat types: data versus physical
If IT security fails, it has digital consequences (e.g.,
theft, vandalism, reputation damage, revenue loss).
In OT, systems are not only used for information
exchange and decision-making, but to change
the state of a device or environment. That means,
when OT security fails, a digital attack can have
physical repercussions. Needless to say, the stakes
are higher—people, environment, assets—when it
comes to securing OT.
Because critical infrastructures are used by
billions of people everyday, damage to them has
the potential for economic, social, and political
repercussions, including large financial losses or,
even compromises to a country’s sovereignty
or defense. An attacker will claim to have
compromised a substation or generation facility,
threatening “lights out” if a ransom goes unpaid.
It’s clear that the nature of attacks in IT versus
OT is quite different in terms of priorities (think
back to CIA versus CAIC). But, often times, the
nuance isn’t in the threat, but in the different
approaches required to deal with threats when
they are realized.
Vulnerability lifecycle: no “patch
Tuesday” in OT
Because of the difference in threats and priorities,
the vulnerability lifecycle in IT versus OT differs
Vulnerabilities must be
ranked differently and
mitigations between
discovery and patching
must be more robust.
15. Wurldtech Executive Guide 15
significantly. In IT, the vulnerability lifecycle
begins with the discovery of, well, a vulnerability—
which often isn’t until an exploit (e.g., malware in
active attacks) reveals the software deficit. Once
discovered, the immediate reaction is to give
vendors an opportunity to create a patch. This fix
process has become so commonplace that’s it’s
almost a fact of life. Once the patch is installed,
the issue is generally considered mitigated.
In the time gap between discovery, patch
publication, and patch installation, technologies
like IDS, antivirus, and IPS are used to mitigate the
risk. And it’s with that time gap where the major
difference between IT and OT lies. In IT, the gap is
relatively short—a matter of days, weeks, maybe
months. In OT, because patch cycles tend to be
much longer, the useful life of exploits can often
extend to months and years.
This means vulnerabilities must be ranked
differently and mitigations between discovery
and patching must be more robust. For instance,
a denial of service attack would likely be ranked a
higher priority in OT than in IT. The same goes for a
privilege escalation in a pre-authentication setting
(common in OT control systems, but rare in IT); it
would rank much higher for OT in terms of severity
than it would in an enterprise software system.
The myth of air gapping
Prior to the Ethernet revolution of the 1980s,
there was no connectivity possible outside an
immediate plant or factory network. Systems
were designed to be flat in nature. And the
mindset of the control engineer was to respond
to security issues with air gapping. By definition,
an air-gapped system is neither connected to
the Internet nor any other system.
Companies have since realized the value—from
business, maintenance, and equipment vendor
perspectives—of connecting systems and having
routable access between enterprise and the
control systems. And those who previously
relied on air gapping to keep them safe are out
of luck—basically because air gapping no longer
exists. As seen with the latest malware, including
Flame, Stuxnet, and BlackEnergy, modules have
been developed to circumvent air gaps. With
something as simple as a flash drive, a malicious
or inexperienced insider could infiltrate and infect
critical systems.
What’s more, operators may not have policies
for patching legacy OT systems that have been
considered air gapped.
What to look for in solutions
In IT, information on threats and vulnerabilities is
readily available. There is a rich marketplace of
security vendors for firewalls, intrusion detection
and prevention, application control, and many
other areas.
OT security, on the other hand, is an emerging
field. There is a smaller vendor set, as well as
proprietary protocols. While off-the-shelf next-
gen firewalls, for example, are valuable go-to
solutions for IT, they won’t work in OT. They’re
not designed for OT environments where the
threats are different and repercussions of
attacks more severe. New solutions are needed
and they must be developed specifically for OT.
Moreover, there’s not only a difference in solution
availability, but there’s a difference in creating a
security solution that works in the mindset and
culture of OT engineers who are used to highly
intuitive, visual, drag-and-drop tools. Solutions
must be purpose-built and optimized for them
and if they aren’t accessible and easy to use (UIs
matter tremendously), no one will use them.
Those who previously
relied on air gapping to
keep them safe are out of
luck because air gapping
no longer exists.
16. Wurldtech Executive Guide 16
In the movie, Wedding Crashers, actors Owen Wilson and Vince Vaughn made crashing
parties look easy, but the freeloading duo also weren’t trying to crash Prince William and
Kate’s nuptials. Getting an invite to a celebrity wedding is much like getting on a whitelist. If
you’re on the list, you’re golden—dance the night away. If you’re not, you’re out of luck and
stuck reading about it in the gossip column or celebrity magazine on your next visit to the
hair salon or grocery store.
Briefly put, whitelisting provides protection against malware (unwanted guests) by
allowing only known good files (friends and family) to execute. Everything else is blocked.
While not totally foolproof, it works well in environments where the stakes—people,
environment, assets—are high.
On the flip side, there’s blacklisting—what you’d find with traditional antivirus software.
Blacklisting is a bit more reminiscent of the “Red Wedding” from Game of Thrones. To be
sure, the Lannisters would never have made the guest list—and, in fact, would have been
blacklisted from the affair. However, like morphing malware, they found a way in. And
poor Robb Stark, who’d been lulled into a false sense of security, found out too late—when
Roose Bolton plunged a dagger into his heart, saying, “The Lannisters send their regards.”
There are all types of bad guys. Perhaps not all as despicably bold and evil as Roose
Bolton and his not-so-merry band of assassins, but enough who have little concern for
feelings or etiquette or humanity or anything other than their own prodigious plundering.
Not to say blacklisting is without its merits (or that every wedding comes with the
same life-and-death risks as those in Game of Thrones), only that it’s not as fail-safe as
whitelisting, especially in scenarios—transportation, nuclear reactors, power plants—where
second chances aren’t really an option.
Vast Differences Between IT
and OT Cyber Security
17. Wurldtech Executive Guide 17
Whitelisting vs. blacklisting
Whitelisting operates under the principle of deny
by default, and this works well in more static OT
settings where rule sets are shorter. If a software
program doesn’t have permission, it’s not allowed
to run. If something isn’t exactly as expected, it’s
not allowed to run. Plain and simple: If it’s this,
allow it. If it’s not this, do not allow it. The key is
proper setup and maintenance to ensure there
are no detrimental effects to not allowing.
When properly configured, whitelisting can be
viewed as a more proactive approach that can
stop most malware (including unknown malware)
from being executed or even installed in the first
place. That’s not to say it’s a set-and-forget, low-
maintenance solution. It does require updating
when software changes are made to a system
and its primary challenge, again, is locking down
systems as tight as possible for maximum security,
but without blocking critical functionality.
On the other hand, blacklisting only blocks
known malware. Because of the iterative nature
of malware attacks, this practice tends to
become more reactive—again, chasing threats
and responding to exploits versus patching
vulnerabilities before an incident occurs. In IT, this
can work because vendors are continually looking
for and resolving vulnerabilities based on threats
and exploits—which, generally speaking, aren’t
considered life threatening. For this reason alone,
blacklisting isn’t ideal for OT environments.
But wait. There’s more.
Blacklisting also requires regular malware
scans, which not only take up a large amount
of processing power, but they take time. After
control, availability is most critical. Systems can’t
be slowed down in order for a scan to run and
they can’t risk having antivirus software delete
a file—that may contain malware—when, in fact,
that file could be critical to a system running
without disruption.
With a grain of salt, let’s think back to the “Red
Wedding.” Roose Bolton and his crew were
an iffy bunch—not necessarily a known good
(whitelist) or a known bad (blacklist). But by
choosing to accept them as not a known bad,
Robb Stark let the enemies into the castle where
they lied dormant until the signal to attack. Had
Robb, instead, stuck to the safer, more traditional
whitelist, it may have been a smaller party, but he
and his family might have lived to see another day.
When properly configured,
whitelisting can be viewed
as a more proactive
approach that can stop
most malware from being
executed or even installed.
You are
Invited
18. Wurldtech Executive Guide 18
Different security
for different
environments
IT is dynamic OT is deterministic
Comprised of fluid, intertwined technology
stacks, IT has a lot of moving parts—which
means it also has an incredible number of
exploit variants. From network to compute
to application to data and more, IT teams are
responsible for safeguarding every layer in a
stack with its own brand of add-on security
(e.g., VPN, SEIM, NGFW, DLP).
On top of that, these security teams are caught
up in a perpetual game of cat and mouse with
attackers who always seem to have the advantage
and be at least one step ahead. It’s a never-ending
cycle of identifying new viruses, updating malware
signatures, closing security holes, etc.
OT systems are engineered for specific,
measured, prescribed actions based on
content, and not context. That’s determinism.
Things only happen one way—the way they
were designed to act. If given a certain input,
they will always produce a certain output, time
and time again. It’s an either/or. For example,
you open a valve or you close a valve. There
are no in-betweens.
No question, the OT threat landscape is scary,
but because of its deterministic environment,
the nature of attacks is not as dynamic as in
the IT world—and the primary security focus
becomes about ensuring control.
IT: Data is king OT: Process is king
IT is about digital information storage, retrieval,
transmission, and manipulation. Most businesses
want to ensure smooth data flow. For example,
Amazon wants to be sure identities are verified,
that credit cards are working, and that searches
and purchase histories can be used to offer up
“you so need this, too” suggestions. None of
these crosses over into the physical realm of
process control and manual manipulation.
OT is all about process control, which is why it’s
not germane to think about things in the same
way you would in the IT world, where defenses
are layered (at times, seemingly ad infinitum)
onto technology stacks. Industrial organizations
typically run a small suite of control applications,
and maybe a few more to help manage and
maintain systems. For the most part, the
environment remains relatively static.
IT: Gateways are everywhere OT: Fewer gateways
More gateways mean a larger attack surface.
And considering that 60 percent of network
traffic is bots, it’s no wonder attackers only
need to be right once—yet another reason IT
guys are one step behind the bad guys. It’s
nearly impossible to keep up.
Fewer gateways, fewer avenues for attackers to
pursue. The key is reinforcing armaments at those
known gates, moats, and tunnels from the start.
For critical infrastructure organizations, whitelisting is one of the
top practices for protecting against harmful applications and
mitigating targeted cyber intrusions. To better appreciate why, it’s
important to understand how both IT and OT environments work,
and how they operate under different conditions.
IT OTvs
19. Wurldtech Executive Guide 19
IT: Confidentiality is priority #1 OT: Control is priority #1
In order of importance, priorities are:
confidentiality, integrity and availability
(the CIA triad). First and foremost, businesses
and consumers expect financial, medical
and personal data to remain private.
In OT, an additional priority tops the list,
while the rest are flip-flopped. The new
order: control, availability, integrity, and
confidentiality. Control equates to safety
because, in this environment, loss of control
could have dire consequences. Next is
availability (e.g., we expect to have water at
the flick of a faucet), then integrity (e.g., we
expect that water to be clean and pure), and
finally, confidentiality.
IT: Throughput matters OT: Throughput is secondary
The amount of data that can be transferred
at any given time is a big deal in the IT world,
where connected constituents have gone
all Oliver Twist, minus the “please, sir.” That
means both bandwidth (think of this as a
multiple-lane highway) and throughput (the
number of cars traveling on the highway at
any given time) demands are ever growing.
The “information highway” infrastructure
is less complicated and less congested in
OT. If, say, a four-lane highway were built, it
was done so because four lanes were more
than adequate to handle the relatively fixed
amount of anticipated traffic. Throughput
requirements aren’t changing as quickly or
drastically as in the IT space.
IT: Patch Tuesdays OT: Patch…decade?
Security patching is so commonplace in IT that
vendors have a regular weekly release day.
Vulnerabilities are easy for attackers to find.
They’re also often only discovered as a result
of an exploit. In fact, because of the dynamic
nature of IT environments, it’s becoming a
rarity to find vulnerabilities pre-exploit.
The good news for IT is that, once found,
vulnerabilities generally have effective patching
available within days to mitigate damage.
No matter what, security cannot make critical
infrastructure less available or reliable. In
fact, it cannot have any negative impact—no
disruptions, no slow downs—to the real-
time and deterministic operation of critical
infrastructure.
So even if Patch Tuesdays did exist (which they
don’t), they wouldn’t be a viable solution. It’s
just not feasible to drop security measures in
and expect them to work as they might in IT.
20. Wurldtech Executive Guide 20
From petty-crime hackers living in Mommy and Daddy’s basement to state-sponsored
cyber sophisticates, there’s a wide range of marauders in cyberspace. Each with their
own challenges; each with their own agendas and ideas of success; but all with a new
and different target on the market. Today, the big prize, the pièce de résistance of cyber
malfeasance is the industrial sector full of
systems that were not designed with security
in mind or at least not the type of security
required to combat cyber crooks. It needs
more than simple obstacles to channel the
little guys in a different direction; it needs
fully manned ramparts to deflect the more
determined and well-funded foes.
In simpler terms: when it comes to OT security, call in the professionals. Because those
bad guy adversaries are really smart.
When Facing Dangerous Enemies,
Call the Professionals
Today, the big prize,
the pièce de résistance
of cyber malfeasance
is the industrial sector.
21. Wurldtech Executive Guide 21
Who are the bad guys?
Attackers are a diverse bunch. They include,
of course, nations states, but also other
hackers, hacktivists, script kiddies, cyber
terrorists, crime organizations, and insiders
(malicious, exploited/tricked, and careless/
accidental). Some are amateurs seeking
a challenge or notoriety. Some are driven
by political agendas or publicity. Some
are highly organized, professional teams
executing targeted and disruptive attacks with
sophisticated tools for ransom, revenge, or
worse. Many are well funded, especially when
sponsored by nation states.
No doubt, motivations run the gamut. And no
doubt, the industrial sector has become a new
prime target.
• In summer 2015, it was revealed that China
exploited the U.S. Office of Personnel
Management, stealing the personal
information of 22 million people. It’s also
believed that China stole the blueprints for
the United States’ F-35 stealth jump jet.
While both were data breaches, the industrial
sector should take serious note.
• In September 2015
5
, U.S. National Intelligence
Director James Clapper appeared before a
U.S. House Committee on Intelligence hearing.
SecurityWeek (and other news sources)
reported Clapper’s testimony in which he
said unknown Russian hackers compromised
product supply chains of several ICS vendors.
According to reports, Clapper said customers
of those vendors unknowingly downloaded
malicious software with the intent by bad
actors of exploiting facilities and operations.
A stark reality and scary proposition in today’s
world, where many attackers don’t even have to
develop their own tools. Instead, they can use
pre-existing malware and adapt, for example,
a popular hacker app like Metasploit, originally
designed to automate penetration testing for
cyber security professionals and ethical hackers,
to find and exploit network vulnerabilities. It’s a
world, too, where attackers are targeting areas
of weaker physical security such as radio links
(Wi-Fi) by software-defined radio (SDR) hacks,
fiber connections via fiber tapping, or systems
with weak or non-existent passwords. It’s a world
in which “legitimate” companies, operating in
unregulated grey markets, are in the business of
selling zero-day vulnerabilities for SCADA systems.
If that’s not chilling enough, consider the
“destructive” attackers—those plotting to gain
access of control of systems in order to inflict
substantial physical damage. Destructive attackers
who may be from any one of these outsider
groups, or who could be lurking within the
corridors and confines of your own organization.
The bad guys might be closer than you think.
Research shows that 85 percent of cyber
attacks come from the outside6
. However, it also
indicates that malicious insider attacks, while
more rare, are often more destructive.
Many hackers use pre-
existing malware and
adapt it to find and exploit
network vulnerabilities.
22. Wurldtech Executive Guide 22
That’s right. Bad guys aren’t all faceless and
nameless. The people who work for your
organization are potential perpetrators. And this
is perhaps why organizations are shifting their
focus inside.
It’s time to crack down on malicious—or just
careless—insider threats.
In ARC’s 2015 Industrial Cyber Security Global
Market Research Study, participants ranked their
primary concern as internal threats. Yes, that’s
above all variety of external threats—from cyber
terrorists and criminals to unfriendly nation
states and hacktivists. Perhaps counterintuitive,
it was ARC’s contention that while naivety
regarding external threats is a possibility
(especially when it comes to limited concern
regarding wireless network and BYOD threats),
it is more likely that organizations are more
confident in their external perimeter defenses
and are now looking to find better ways to
“protect themselves from themselves.” (And
maybe also because many organizations’ internal
security measures are easier to bypass.)
But back to those insider threats. What
constitutes a malicious insider?
As defined by Computer Emergency Response
Team (CERT) at Carnegie-Mellon University,
“A malicious insider threat to an organization
is a current or former employee, contractor,
or other business partner who has or had
authorized access to an organization’s network,
system, or data and intentionally exceeded or
misused that access in a manner that negatively
affected the confidentiality, integrity, or
availability of the organization’s information or
information systems.”
Another study by the Software Engineering
Institute of Carnegie Mellon showed that
employees make up 85 percent of internal
threats, while contractors, subcontractors, and
business partners constitute the remaining 15
percent.7
But to be clear, that doesn’t necessarily
mean that 85 percent of the damage derives
from employees. Trusted contractors, too,
can undermine an organization’s security and
destabilize core capabilities.
What’s important is that practices, policies,
and processes regarding cyber security be
established, taught, and engrained in the psyche
of not only full-time employees, but anyone
who is granted (or may happen along) access to
sensitive data and control systems. This includes
vendors and sub-vendors who come and go all
the time. They may arrive to manipulate, repair,
or replace their own specialized equipment, but
what else are they privy or given access to?
Another study showed that
employees make up 85
percent of internal threats.
In ARC’s 2015 Industrial
Cyber Security Global
Market Research Study,
participants ranked their
primary concern as
internal threats.
23. Wurldtech Executive Guide 23
The incidents we know about
In June 2015, SANS Institute released its report,
The State of Security in Control Systems Today.
One third (34%) of respondents from around the
globe said they believe their systems have been
breached more than twice in the past 12 months.
Here are some of the most noteworthy attacks
on critical industrial infrastructure.
Stuxnet
Discovered in 2010, Stuxnet targeted Iran’s
nuclear enrichment program. It infected 100,000
computers at 22 manufacturing sites and
destroyed 1,000 centrifuges. Initially, it spread
using infected removable devices. It exploited
the controller architecture by hijacking a
vendor’s dynamic link library (DLL) driver.
Duqu and FLAME
Labeled the “sons of Stuxnet”, Duqu and Flame
happened, respectively, in 2011 and 2012.
Duqu was Trojan horse malware that captured
and exfiltrated data via a jpeg file. Flame was
spyware discovered in Iran oil and nuclear
installations. More complex than Stuxnet, it
could record audio, screenshots, keyboard
activity, and network traffic.
Shamoon
In 2012, Shamoon targeted Saudi Aramco, an oil
and gas company, and was, to date, believed to
be the most destructive business sector attack.
It infected more than 75 percent of the oil and
gas company’s workstations, replaced crucial file
systems with an image of a burning U.S. flag, and
bungled messaging services for weeks.
Dragonfly
In 2013 and 2014, Dragonfly (a.k.a. Energetic Bear)
targeted U.S., Canadian, and European defense
and aviation companies. It used spam email
campaigns and watering hole attacks to spy on,
damage, and disrupt operations.
Other Significant Attacks
Though “unnamed,” these incidents left indelible
impressions.
In 2013, a malware-infected USB stick wreaked
havoc on a U.S. power plant when it transferred a
virus to 10 computers on a turbine control system
network. Operations were impacted for nearly
a month. The following year, a hacking group
attacked a U.S. public utility’s control system
network through, it’s believed, an Internet portal
that gave employees access to the utility’s control
system. The hackers used brute force cracking
to break the simple password mechanism. Also
in 2014, another group used spear-phishing to
infiltrate a German steel mill and prevent a blast
furnace from shutting down. The fully digital
attack resulted in massive physical damage.
78 percent of security
officials expect a successful
attack on their ICS/SCADA
systems within the next
two years.
24. Wurldtech Executive Guide 24
Unfortunately, attacks of this nature are on the rise.
In fact, a 2014 Ponemon Institute study, Critical
Infrastructure: Security Preparedness and
Maturity, revealed that 67 percent of critical
infrastructure companies suffered an attack—
which led to loss of confidential information or
disruption in operations—within the previous
year. The paper also stated that 78 percent of
security officials were expecting a successful
attack on their ICS/SCADA systems within the
next two years. What’s more, according to Dell
Security’s 2015 Annual Threat Report, worldwide
SCADA attacks increased from 91,676 incidents
in January 2012 to 163,228 in January 2013 to
675,186 in January 2014.
These numbers are not looking very good.
But what is looking good is the growing focus
on the space and its differing security needs.
Thanks to emerging companies who specialize
in operational technology security, understand
the threat landscape, and offer purpose-built
solutions to address the complexities and
potential vulnerabilities of greater connectivity,
industrials can better prepare for and defend
against these types of attacks and stand up to
the new world of cyber criminals.
The threats you
don’t know about
It’s incumbent upon any organization that is
serious not only about its bottom line, but
about safety and longevity, to engage the
proper level of security expertise to protect
core commodities and production processes.
No longer will a last-minute frenzied call for
emergency technical support suffice. The
threats to critical infrastructure systems have
advanced far beyond mischievous kids in their
parents’ basement. They require the skill and
knowledge of industrial security specialists who
can proactively man industry’s bastions and
continuously patrol its back alleys to ward off
both outside and inside threats.
Thanks to emerging
companies who specialize
in operational technology
security industrials can
better prepare for and
defend against these
types of attacks.
25. Wurldtech Executive Guide 25
Security requires taking a proactive stance to maintain health and prevent bad stuff from
happening. In the industrial sector, a great place to start is with an overall site security
assessment and health check that can uncover existing weaknesses, map out potential
future risks, and recommend mitigation strategies.
In a 2014 ARC study, The Future of Industrial Cyber Security, it recommends organizations
“focus on cures, not remedies.” (In this case, ARC seems to be saying a remedy treats a
disease while a cure eradicates it.) As the study reveals, many existing control systems
were developed prior to online security being as grave a concern as it is today. And while
the need for compensatory controls and frequent patching (remedies) hasn’t gone by the
wayside, ARC advises companies to invest more time and energy into developing new
strategies that can cure (to the maximum extent possible) the underlying issues.
This is why security hygiene needs to be
an organizational priority—and it requires
the right game plan. First, emergencies
need handling and weaknesses need
uncovering. Next comes a treatment plan
for any issues found and then it’s a matter
of ongoing care and prevention.
With a security assessment, companies
can establish a baseline understanding of their existing security posture and begin to
develop an effective long-term strategy for maintaining overall system health and hygiene.
OT Security: Where to Start
Security hygiene needs
to be an organizational
priority—and it requires
the right game plan.
26. Wurldtech Executive Guide 26
Keep it clean: industrial-
strength security health
A typical assessment entails:
• Information gathering and documentation
relating to an organization’s people,
architecture, and technology
• Review and analysis of documents detailing
network configuration, topology, policies, and
other relevant aspects unique to an organization
• Onsite interviews and inspection with subject
matter experts for additional technical and
contextual understanding not apparent from
documentation reviews alone
• Onsite technical testing to assess and evaluate
the cyber security posture of assets
• Offline data analysis and application of best
practices methodology to assess risks
• Risk assessment to identify sources of
vulnerabilities, determine security posture,
prioritize potential risks, and provide
remediation roadmap
• Findings report to include recommended
mitigations based on prioritized risks
Benefits of an assessment include:
• In-depth visibility:
Discovery of current security posture via a
comprehensive report and workbook that maps
out the potential risks for each system analyzed
• Actionable results: Immediate security risk
remediation as well as long-term financial
planning and resource justification with
analysis based on leading expertise in the
operational technology security field
• Enhanced security: Best practices
methodologies identify key risks and dictate
necessary strategies for overall improved
security posture
Next, install security solutions purpose-built for
industrial and process control environments.
Solutions should have a modular platform
designed for scale to accommodate complex ICS
and SCADA systems and provide full network
visibility, control, and protection. And it should
interoperate with traditional or next-gen firewalls
to provide the right design for your IT–OT security
transition zone to best protect your processes
and control systems, all without the need for
network re-engineering or downtime.
Finally, industrial customers should expect device
manufacturers to certify that their products have
passed stringent security assessment throughout
the product development lifecycle.
27. Wurldtech Executive Guide 27
Security first
Security cannot be an after thought. Once
an assessment’s been completed, with
vulnerabilities found and patched, companies
can also look to implement new rules and
tactics and continue to build upon their game
plans for keeping fit. These may include:
• Decreasing the use of commercial off-the-
shelf systems that are easier to hack (the cost
savings often aren’t worth the risk)
• Forbidding use of personal devices in
control rooms
• Requiring changes to default passwords
on equipment
• Blocking off USB ports (Do you want a USB
drive to be the downfall of your operation?)
• Enforcing rules where they already exist
• Implementing stricter pre-employment
screening requirements
• Conducting property inventories and audits
(on desktops, laptops, removable media,
security tokens, access cards)
• Enhancing access controls for privileged users
Moreover, organizations should offer cyber
security training programs that encourage
dialogue—between engineers, contractors,
everyone—to raise awareness of cyber security
risks, including the dangers of setting up
unauthorized Internet connections. Risk is
everywhere, but can be reduced by enabling
accountability, implementing least privilege access,
and regulating sensitive control and data access.
Keeping up security hygiene isn’t easy, but
it’s worth the time, effort, and justified expense
to be safe.
28. Wurldtech Executive Guide 28
The Industrial Internet promises great opportunity. A 20 percent
8
efficiency gain over
15 years could yield billions in savings annually across industries such as energy,
transportation and healthcare.
But to fully realize its potential, the Industrial Internet must be secure. Strategies such as
air gapping are ineffective at best, and can provide a false sense of security at worst.
The threats to industrial environments are real and growing, including small-time thrill-
seeking thugs, nation-state hackers and internal staff or contractors. Research and
real-world examples are showing a dramatic rise in attacks. In fact, Security magazine
reported in 2014 that nearly 70 percent of critical infrastructure companies have
suffered a security breach.
Securing an operational technology (OT) environment is significantly different than
securing a traditional information technology (IT) environment. What you’re securing
is different, and how you secure it is different. IT focuses on digital information
protection. OT focuses on people and physical asset protection. To deliver security
solutions specific for OT requires an industrial mindset, purpose-built technology and
specific OT security expertise.
There are immediate steps both device manufacturers and industrial operators can do
to begin securing their most valued resources—people, environment and assets.
Assess – understand your vulnerabilities
Secure – install OT security solutions to secure critical assets
Certify – validate network robustness of industrial devices and confirm
that they meet requirements
Security waits for no one. Get started today.
Summary
29. Wurldtech Executive Guide 29
References
(Endnotes)
1 GE CEO Jeff Immelt: Let’s finally end the debate over whether we are in a tech bubble http://
www.businessinsider.com/ceo-of-ge-lets-finally-end-the-debate-over-whether-we-are-in-a-tech-
bubble-2015-12?utm_content=bufferd2f1autm_medium=socialutm_source=twitter.comutm_
campaign=buffer
2 GE Predix Software Platform Offers 20% Potential Increase in Performance,
http://www.businesswire.com/news/home/20150929006773/en/GE-Predix-Software-Platform-
Offers-20-Potential
3 http://www.gartner.com/newsroom/id/2905717
4 “Operational Technology Security – Focus on Securing Industrial Control and Automation Systems,”
March 14, 2014, Earl Perkins: http://blogs.gartner.com/earl-perkins/2014/03/14/operational-
technology-security-focus-on-securing-industrial-control-and-automation-systems/
5 SecurityWeek, September 17, 2015, “Russian Hackers Target Industrial Control Systems: US Intel
Chief,” Eduard Kovacs: http://www.securityweek.com/russian-hackers-target-industrial-control-
systems-us-intel-chief
6 Verizon 2015 Data Breach Investigations Report
7 CERT Insider Threat Center Blog, “Analyzing Insider Threat Data in the MERIT Database,” Matt
Collins: https://insights.sei.cmu.edu/insider-threat/2013/10/-analyzing-insider-threat-data-in-the-
merit-database.html
8 GE CEO Jeff Immelt: Let’s finally end the debate over whether we are in a tech bubble. http://
www.businessinsider.com/ceo-of-ge-lets-finally-end-the-debate-over-whether-we-are-in-a-tech-
bubble-2015-12?utm_content=bufferd2f1autm_medium=socialutm_source=twitter.comutm_
campaign=buffer
30. T 1 877 369 6674
info@wurldtech.com
wurldtech.com
Wurldtech Security Technologies
Suite 2000, Four Bentall Centre
1055 Dunsmuir Street
PO Box 49133
Vancouver, BC V7X 1J1 Canada