Cyber Security – The Road Ahead

Shaping the Paradigm of the Next-generation Enterprise Next-

Karthik Sundaram, Senior Research Analyst Industrial Automation & Process Control- Europe 16-05-2012

© 2012 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property of Frost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.

Design and Commissioning and of Safety Systems (Invensys Triconex) - Place photo here Shadow Background for effect Industry Expertise More than a year of intensive research expertise in the markets of distributed control systems (DCS). USA CTJV. 2 . Technical expertise in the field of Industrial Automation & Process Control. India with global clients in the field of Engineering. India. This includes Qatar Gas Fluor. Particular expertise in: Engineering. programmable logic controllers(PLC). What I bring to the Team Intensive experience and domain expertise in the Automation Industry Exposure to major Industry standards and architecture Global experience with leading corporates in Singapore & Qatar Karthik Sundaram Senior Research Analyst Frost & Sullivan Europe Chennai. India Career Highlights Extensive expertise in safety systems for Oil & Gas and Refinery projects. Qatar Emerson Process Management. Chennai. supervisory control and data acquisition (SCADA) and product lifecycle management (PLM). Spain - Education Bachelor of Engineering from Anna University. human machine interface (HMI).Today’s Presenter Functional Expertise Strategic Market Research expertise in the domain of Industrial Automation and Process Control. Singapore Tecnicas Reunidas. Worked in major projects for Invensys. EPC and Process Industries.

Contents Threats to Cyber Security – An Overview Cyber Attacks – A Historical Perspective The Stuxnet and its Legacy Cyber Threats.A Cause Analysis Discerning Challenges in the Industrial World Visualising the Factory of Future Cyber Security in Future of Factories Key Takeaway for IA Vendors 3 .

industries with elaborate and sophisticated network layers do not possess a robust security framework that can deal with possible intrusions and ensure process safety and integrity. Primary Motive of Cyber Attacks: Hijacking industrial Automation and Control System (ACS) for economic and political gains. PLC. Emergence of Cyber Threats The world of industrial automation has grown significantly over the past two decades. 4 . “The alarming growth of cyber threats can be attributed to two key factorsusage of legacy systems and end-user reluctance in acknowledging the need for greater security investments. competitive and political factors. However.” An Industrial Automation Vendor Nature of Cyber Attacks Political Cyber Attacks Competitive Monetary Source: Frost & Sullivan Analysis.Threats to Cyber Security – An Overview Defining Cyber Attacks Cyber Attacks are strategic crimes aimed at disrupting industrial activity for benefits spread across monetary. SCADA and HMI – with high-end network capabilities – have enabled end-users reduce downtime and improve productivity. considerably. The advent of advanced automation and control system products such as DCS.

Iran November 2011. Source: Frost & Sullivan Analysis.Cyber Attacks – A Historical Perspective The number of cyber attacks on industries and commercial IT networks has seen a marked increase in terms of both frequency and intensity over the last five years. the Wall Street Journal reported the perpetration of cyber attacks on electrical grids in the United States. Iran Duqu Attacks in Iranian Nuclear Facility Nuclear January 2008. Maroochy Shire Sewage Spill in Australia 5 . The Stuxnet attack in Iran was pivotal in capturing the attention of industries towards cyber security. Australia In April 2009. The United States Cyber Attack on Davis-Besse Power Station of First Energy March 2000. Poland Stuxnet Attack in Iranian Plant Public Tram System Hacked Remotely January 2003. December 2010.

The Stuxnet and its Legacy The Stuxnet Story: Series of Key Events The Stuxnet story is still subject to popular debate but its impact on industrial cyber security is unmatched in history. 6 . Off-springs of Stuxnet Night Dragon – extracting information from energy companies. In future. industrial history is likely to be divided into the pre-Stuxnet and post-Stuxnet eras. Nitro – Malwares that specialise in Industrial Espionage Source: The Economist & Frost & Sullivan Analysis. compromising intellectual property Duqu.

” A Leading IT Vendor Source: Frost & Sullivan Analysis. 7 .A Cause Analysis Rise of Cyber Threats – Mapping the Causes End-user Awareness End-user ignorance about risk of cyber threats Lack of measurable ROI from cyber investments Primary Causes IT know-how in industries Collaborative Trends Collaborative trends between inter-enterprise disciplines increases vulnerability Network loopholes in legacy system architecture improves chances of cyber attacks Lack of strategic IT know-how of operating personnel Knowledge gap in Industrial IT attributed to rise in cyber attacks “There is too much segregation between IA networks and IT networks from a supervision point of view and therefore IA is vulnerable to Cyber Attacks.Cyber Threats.

Source: Frost & Sullivan Analysis.Discerning Challenges in the Industrial World Cyber Threats Impede Enterprise Integration • Integration of multiple enterprise disciplines will increase organizational productivity and enhance efficiency • But greater integration increases probability for cyber attacks Impact on Internet Protocol Devices • Risk of Cyber Security to impact growth and adoption of IP-based field devices by the end-user community • Increased threat on account of IP standard’s high prevalence in the higher layers of enterprise architecture Influence on Wireless Technology • Questions on safety and integrity of wireless technology will be exacerbated by concerns of cyber security • Cyber security will be a decisive factor in growth of wireless technology in future enterprises Challenge for IA Vendors • Entry of commercial IT vendors through the channel of cyber security will influence market dynamics of Industrial Automation (IA) • Greater competition for IA vendors anticipated in the coming years The biggest benefactor from cyber threats are commercial IT vendors and niche security solution providers . 8 . who are expected to have a greater role in the future of factories and industries.

Resource & Environment Growth in Developing Economies Power.Visualizing the Factory of Future Vision for the Future of Factories: Mapping Technology Drivers and Demand Drivers Sustainability Smart Clouds Effective Data Storage & Information Mgmt. Wireless Intelligence WLAN. Wifi. 9 . Wireless HART Factory of the Future Mass Customisation Flexible Manufacturing Robotics New human-robot interactive cooperation Enterprise Integration Integrating Enterprise with shop-floor Cyber Security Securing plant floor from cyber attacks Technology drivers Demand drivers Cyber Security will be the sine qua non of the next-generation enterprise M3C6-17 Source: Frost & Sullivan Analysis. Infrastructure etc.

Cyber Security in Factory of Future The Paradigm of Cyber Security in the Next-Generation Enterprise Flexible management policy towards Cyber Security as an exclusive strategic discipline for regulatory compliance Management Policy Developing an exclusive Industrial workforce that caters to industrial network security in future factories Exclusive Industrial Cyber Workforce Defense in Depth Strategy The Adoption of the ISA-99 Industrial Automation & Control Systems Security (IACS) approach Demilitarized Zones (DMZs) Cellular Design Industrial Cyber Security Pro-active Threat Assessment Multi-level Network Protection Continuous risk assessment of cyber threats with third party organizations for regular updates The post-Stuxnet era will see the dawn of greater industrial cyber regulations and standards. 10 . Source: Frost & Sullivan Analysis.

Source: Frost & Sullivan Analysis.Key Takeaway for IA Vendors The current ACS product portfolio needs to be re-designed to meet the needs of the next-generation enterprise. The on-set of regulations and security standards is likely to improve end-user investments in implementing robust security mechanisms Emphasis on cyber security will provide new avenues for commercial IT vendors to improve their market presence in the industrial landscape. 11 . A new league of partnerships between IA vendors and commercial IT vendors will become the order of the day in future factories.

Next Steps Develop Your Visionary and Innovative Skills Growth Partnership Service Share your growth thought leadership and ideas or join our GIL Global Community Join our GIL Community Newsletter Keep abreast of innovative growth opportunities 12 .

Your Feedback is Important to Us What would you like to see from Frost & Sullivan? Growth Forecasts? Competitive Structure? Emerging Trends? Strategic Recommendations? Other? Please inform us by “Rating” this presentation. 13 .

linkedin.Follow Frost & Sullivan on Facebook. and Twitter http://www. 14 .net/FrostandSullivan http://twitter.facebook. http://www. Sivakumar Narayanswamy Program Karthik Sundaram Senior Research Analyst.zanchi@frost. Industrial Automation & Process Control Europe +91 44 6681 4179 15 . Industrial Automation & Process Control Europe +44 20 7915 7804 Muthukumar Viswanathan Practice Director.4651 4819 anna.For Additional Information Anna Zanchi Marketing & Communications Executive. Industrial Automation & Process Control Europe +39. Industrial Automation & Process Control Europe +91 44 6681 4186 sivakumarn@frost.

Sign up to vote on this title
UsefulNot useful