Industrial Control Systems Cyber Security Market Survey by Serena Cheng 20140306

Industrial Control Systems Cyber Security
Sirena Cheng
Sr. Marketing Manager
Mar. 6, 2014
Agenda
u
Industrial Control System Cyber Security Market Overview
u
Industrial Control System Cyber Security Market Forecast
u
Cyber Security business opportunity in Industrial Control System
u
AEWIN Network security platform introduction
u
About AEWIN
u
Why AEWIN ?
u
Q&A
Technology Trends in ICS
u
COTS (Commercial-Off-The-Shelf) technologies
•
Operating systems—Windows, WinCE, embedded RTOSes
•
Applications—Databases, web servers, web browsers, etc.
•
IT protocols—HTTP, SMTP, FTP, DCOM, XML, SNMP, etc.
•
Networking equipment—switches, routers, firewalls, etc.
u
Connectivity of ICS to enterprise LAN
•
Improved business visibility, business process efficiency
•
Remote access to control center and field devices
u
IP Networking
•
Common in higher level networks, gaining in lower levels
•
Many legacy protocols wrapped in TCP or UDP
•
Most new industrial devices have Ethernet ports
Most new ICS architectures are IP-based
Security Risks to Modern ICS
•
COTS + IP + connectivity = many security risks
•
All of those of Enterprise networks and more
Worms and Viruses Legacy OSes and applications
DOS and DDOS impairing availability Inability to limit access
Unauthorized access Inability to revoke access
Unknown access Unexamined system logs
Unpatched systems Accidental misconfiguration
Little or no use of anti-virus Improperly secured devices
Limited use of host-based firewalls Improperly secured wireless
Improper use of ICS workstations Unencrypted links to remote sites
Unauthorized applications Passwords sent in clear text ICS are typically used in
Unnecessary applications Default passwords as electrical, water and
and natural gas, chemic
Open FTP, Telnet, SNMP, HTML ports Password management problems transportation, pharma
Fragile control devices Default OS security configurations paper, food and bevera
manufacturing (e.g., au
Network scans by IT staff Unpatched routers / switches aerospace, and durable
ICS – What is the #1 problem?
u
Too much embedded Linux (3x)
u
Not enough visibility into SCADA networks
u
Control system vendors do not always integrate security
u
Managing identities – especially assets (2x)
u
Overlaying IT capabilities on control networks
u
20-year old security mentality on SCADA
u
SCADA security became an issue too quickly
u
Zero-day ICS attacks
u
Low risk awareness
u
Few cyber security standards – indecision
u
Legacy protocols (2x)
u
Data integrity for control devices
u
Son of Stuxnet
u
Explosion of data
Agenda
u
u
u
u
u
About AEWIN
u
Why AEWIN ?
u
Q&A
Industrial Control Systems (ICS) Security Mar
et worth $10.33 Billion by 2018
•
The global ICS security market is estimated to be $7.02 billion in 2013 a
is expected to grow to $10.33 billion in 2018. This represents an estima
Compound Annual Growth Rate (CAGR) of 8.0% from 2013 to 2018.
•
In the current scenario, the power, energy and utilities vertical security c
inues to be the largest segment, in terms of spending and adoption, for
S security solutions. This is followed by commercial, communication sys
ms and manufacturing industry ICS security solutions.
•
In terms of regions, North America is expected to be the biggest market
the basis spending and adoption for ICS security solutions. Marketsand
rkets further expects that the increasing energy markets in the developi
economies and increased deployment of ICS infrastructure will further e
ance the growth of the market.
Global Critical Infrastructure Protection Market Rep

2013-2018
It is expected the CIP

will grow from $63.76 b
2013 to $105.95 billi
2018, at a CAGR of 1
http://www.infra-fp7.com/category/publications
Market Driver #1: Widespread Connectivity to Outside Netw
rks
•
The “islands of automation” of the 1990’s are gone:
⁻ "In our experience in conducting hundreds of vulnerability assessments in the pri
sector, in no case have we ever found the operations network, the SCADA system
energy management system separated from the enterprise network…
⁻ On average, we see 11 direct connections between those networks.”
•
The trend to external connectivity will accelerate:
⁻ “71% of control engineers expect to see either significant or moderate increases
onnectivity between industrial endpoints and corporate IT infrastructure over the n
3-5 years.“
Market Driver #2: Widespread Use of COTS Technology
•
Proprietary industrial network and operating system technologies are d
pearing
•
Commercial-off-the-shelf (COTS) technologies are common on the plan
oor. For example:
• Ethernet
• TCP/IP
• Windows
•
Industrial communications standards are being converted to Ethernet a
TCP/IP. For example:
• Modbus TCP (Formerly Modbus/Modbus+)
• EtherNet/IP (Formerly ControlNet)
• ProfiNet (Formerly Profibus)
Market Driver #3: The Bad Guys Have Discovered “SCADA
•
Stuxnet worm introduced professional hackers and security researchers
the world of industrial control systems (SCADA)
•
Inspired a new generation of attacks on energy industry:
• Nitro
• Night Dragon
• Shamoon
•
Avalanche of new public security vulnerabilities in SCADA
• Before Stuxnet: 5 disclosed vulnerabilities
• 2011: 215 disclosed vulnerabilities
• 2012: 248 disclosed vulnerabilities
•
40% of disclosed vulnerabilities included working attack code
ICS Security Revenue by Region, World Market 201

2020
Agenda
u
u
u
u
u
About AEWIN
u
Why AEWIN ?
u
Q&A
Industrial Control System Site Protection System
The integrated system includes the following subsystems and products

l Video Surveillance
l Access Control
l Alarm Systems
l Video Analysis
l Sensors (Fence detection, High frequency cable, Microwave barriers)
l Gates, Door Systems and Barriers
l Land and Maritime Tracking Software
l Radars
l Communication
l IT Framework
l Management System
CBRN Detection
Perimeter Protection in Utilities
Firewall
Site-to-site
IDS/IPS
VPN
Client VPN
DMZ
Proxy
Network AV
Host IDS/IPS
NAC
Interior Protection in Utilities
IDS
Port Scan
Vuln Scan
Firewall
NAC
SCADA VPN
Firewall
SCADA VPN
Port Scan
IDS
Monitor, Log, Analyze, Report
Log Managed
Analyze Security
Report
Compliance
Agenda
u
u
u
u
u
About AEWIN
u
Why AEWIN ?
u
Q&A
4U Rack Mount Intel Xeon E5-4600 Network Platform
SCB-9651
Quad Intel Sandy / Ivy Bridge Xeon E5-46
Processor
Total 16 DIMMs up to 256GB~512GB
ECC UDIMM/RDIMM DDR3 1600/1866MHz up to 256
(16GB/32GB per DIMM)
High Availability design to Remove and cha
320Gbps 256~512GB 8GT/s

throughput memory QPI
2U, 1010Watt 4U, 1620W

1+1 3+1
IPMI redundancy redundan
power power
Critical Infrastructure Protection – Cybersecurity in

ndustrial Control system
SCB-8973
Features
Support 1U ATX redundant power sup
Haswell processors, LGA1150
Max 32GB Dual-Channel DDR3 1333/1
Max 15 GbE Copper ports via PCI-e x4
Support Optional Fiber port, up to 8 P
Cryptographic Hardware Acceleration
IPMI Remote Management Interface f
SCB-7983
Support Intel® Rangeley 22nm Rangeley

FCBGA
Max 32GB Dual-Channel DDR3/L 1333/1

System Memory
Max 16 GbE Copper ports via PCI-e x4/x1

Optional Fiber port, up to 8 Ports
Intel® Quick Assist for Cryptographic Har

Acceleration
2014 New product
ODM design
SCB-6981 – Fanless Network Security appliance

Agenda
u
u
u
u
u
About AEWIN
u
Why AEWIN ?
u
Q&A
VISION At an extremely cost effective performance and innovative solution to keep grow
MISSION

Industrial Control Systems Cyber Security Market Survey by Serena Cheng 20140306

Uploaded by

Document Information

Copyright

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Industrial Control Systems Cyber Security Market Survey by Serena Cheng 20140306

Uploaded by

Copyright:

Industrial Control Systems Cyber Security

Global Critical Infrastructure Protection Market Rep

It is expected the CIP

Market Driver #2: Widespread Use of COTS Technology

ICS Security Revenue by Region, World Market 201

Industrial Control System Site Protection System

The integrated system includes the following subsystems and products

Interior Protection in Utilities

High Availability design to Remove and cha

320Gbps 256~512GB 8GT/s

2U, 1010Watt 4U, 1620W

Critical Infrastructure Protection – Cybersecurity in

Support Intel® Rangeley 22nm Rangeley

Max 32GB Dual-Channel DDR3/L 1333/1

Max 16 GbE Copper ports via PCI-e x4/x1

Intel® Quick Assist for Cryptographic Har

SCB-6981 – Fanless Network Security appliance

You might also like