Upload
frost-sullivan
View
1.179
Download
3
Embed Size (px)
DESCRIPTION
An analyst briefing about cyber security and shaping the paradigm of the next-generation enterprise.
Citation preview
Cyber Security Cyber Security –– The Road AheadThe Road Ahead
Shaping the Paradigm of the NextShaping the Paradigm of the Next--generation Enterprisegeneration Enterprise
Karthik Sundaram, Senior Research Analyst
Industrial Automation & Process Control- Europe
16-05-201216-05-2012
© 2012 Frost & Sullivan. All rights reserved. This document contains highly confidential information and is the sole property of
Frost & Sullivan. No part of it may be circulated, quoted, copied or otherwise reproduced without the written approval of Frost & Sullivan.
Today’s Presenter
Place photo hereShadow Background
for effect
Functional Expertise
� Strategic Market Research expertise in the domain of Industrial Automation and Process Control.
� Technical expertise in the field of Industrial Automation & Process Control. Particular expertise in:
- Engineering, Design and Commissioning and of Safety Systems (Invensys Triconex)
Industry Expertise
� More than a year of intensive research expertise in the markets of distributed control systems (DCS), programmable logic controllers(PLC), human machine interface (HMI), supervisory control and data acquisition (SCADA) and product lifecycle management (PLM).
What I bring to the Team
� Intensive experience and domain expertise in the Automation Industry
� Exposure to major Industry standards and architecture
� Global experience with leading corporates in Singapore & Qatar
2
Karthik SundaramSenior Research Analyst
Frost & SullivanEuropeChennai, India
Career Highlights
� Extensive expertise in safety systems for Oil & Gas and Refinery projects.
� Worked in major projects for Invensys, India with global clients in the field of Engineering, EPC and Process Industries. This includes
- Qatar Gas
- Fluor, USA
- CTJV, Qatar
- Emerson Process Management, Singapore
- Tecnicas Reunidas, Spain
Education
� Bachelor of Engineering from Anna University, Chennai, India.
Contents
Threats to Cyber Security – An Overview
Cyber Threats- A Cause Analysis
The Stuxnet and its Legacy
Cyber Attacks – A Historical Perspective
3
Cyber Threats- A Cause Analysis
Visualising the Factory of Future
Discerning Challenges in the Industrial World
Cyber Security in Future of Factories
Key Takeaway for IA Vendors
Threats to Cyber Security – An Overview
Defining Cyber Attacks
Cyber
Attacks
Political
MonetaryCompetitive
Cyber Attacks are strategic crimes aimed at
disrupting industrial activity for benefits spread
across monetary, competitive and political factors.
Nature of Cyber Attacks
Primary Motive of Cyber Attacks:
Hijacking industrial Automation and Control
System (ACS) for economic and political gains.
4
Emergence of Cyber Threats
� The world of industrial automation has grown significantly
over the past two decades. The advent of advanced
automation and control system products such as DCS, PLC,
SCADA and HMI – with high-end network capabilities
– have enabled end-users reduce downtime and improve
productivity, considerably.
� However, industries with elaborate and sophisticated
network layers do not possess a robust security framework
that can deal with possible intrusions and ensure process
safety and integrity.
An Industrial
Automation
Vendor
“The alarming growth of cyber threats
can be attributed to two key factors-
usage of legacy systems and end-user
reluctance in acknowledging the need
for greater security investments.”
Source: Frost & Sullivan Analysis.
Cyber Attacks – A Historical Perspective
Stuxnet Attack in Iranian Nuclear
Plant
Duqu Attacks in Iranian Nuclear
Facility
January 2008, Poland
December 2010, Iran
November 2011, Iran
The number of cyber attacks on
industries and commercial IT
networks has seen a marked increase
in terms of both frequency and
intensity over the last five years.
5
Maroochy Shire Sewage Spill in
Australia
Cyber Attack on Davis-Besse Power
Station of First Energy
Public Tram System Hacked
Remotely
Plant
March 2000, Australia
January 2003, The United States
The Stuxnet attack in Iran was
pivotal in capturing the attention of
industries towards cyber security.
In April 2009, the Wall Street
Journal reported the perpetration
of cyber attacks on electrical grids
in the United States.
Source: Frost & Sullivan Analysis.
The Stuxnet story is still subject to
popular debate but its impact on
industrial cyber security is
unmatched in history. In future,
industrial history is likely to be
divided into the pre-Stuxnet and
post-Stuxnet eras.
The Stuxnet and its Legacy
The Stuxnet Story: Series of Key Events
6
Source: The Economist & Frost & Sullivan Analysis.
post-Stuxnet eras.
Off-springs of Stuxnet
�Night Dragon – extracting information from energy companies, compromising intellectual property
�Duqu, Nitro – Malwares that specialise in Industrial Espionage
Cyber Threats- A Cause Analysis
Rise of Cyber Threats – Mapping the Causes� End-user ignorance about risk of cyber
threats
� Lack of measurable ROI from cyber
investments
� Collaborative trends between inter-enterprise
disciplines increases vulnerability
Primary
Causes
End-user
Awareness
Collaborative
TrendsIT know-how
in industries
7
A Leading IT
Vendor
“There is too much segregation between
IA networks and IT networks from a
supervision point of view and therefore
IA is vulnerable to Cyber Attacks.”
Source: Frost & Sullivan Analysis.
� Lack of strategic IT know-how of operating
personnel
� Knowledge gap in Industrial IT attributed to
rise in cyber attacks
disciplines increases vulnerability
� Network loopholes in legacy system
architecture improves chances of cyber
attacks
Trendsin industries
Discerning Challenges in the Industrial World
Impact on Internet Protocol Devices
• Risk of Cyber Security to impact growth
and adoption of IP-based field devices by
the end-user community
• Increased threat on account of IP
standard’s high prevalence in the higher
layers of enterprise architecture
Challenge for IA Vendors
Cyber Threats Impede Enterprise
Integration
• Integration of multiple enterprise
disciplines will increase organizational
productivity and enhance efficiency
• But greater integration increases
probability for cyber attacks
Influence on Wireless Technology
8
The biggest benefactor from cyber threats are commercial IT vendors and niche security solution The biggest benefactor from cyber threats are commercial IT vendors and niche security solution
providers , who are expected to have a greater role in the future of factories and industries.
Challenge for IA Vendors
• Entry of commercial IT vendors through the
channel of cyber security will influence
market dynamics of Industrial Automation
(IA)
• Greater competition for IA vendors
anticipated in the coming years
Source: Frost & Sullivan Analysis.
Influence on Wireless Technology
• Questions on safety and integrity of
wireless technology will be exacerbated by
concerns of cyber security
• Cyber security will be a decisive factor in
growth of wireless technology in future
enterprises
Visualizing the Factory of Future
Vision for the Future of Factories: Mapping Technology Drivers and Demand Drivers
Factory
of the Future
Growth in Developing
EconomiesPower, Infrastructure etc.
Mass CustomisationFlexible Manufacturing
SustainabilityResource & Environment
Wireless IntelligenceWLAN, Wifi, Wireless HART
Smart CloudsEffective Data Storage
& Information Mgmt.
9M3C6-17
of the Future Flexible Manufacturing
Cyber Security
Securing plant floor
from cyber attacks
Technology drivers Demand drivers
WLAN, Wifi, Wireless HART
RoboticsNew human-robot interactive
cooperation Enterprise IntegrationIntegrating Enterprise with
shop-floor
Cyber Security will be the sine qua
non of the next-generation enterprise Source: Frost & Sullivan Analysis.
Cyber Security in Factory of Future
The Paradigm of Cyber Security in the Next-Generation Enterprise
Industrial
Management
Policy
Multi-level Exclusive
Developing an exclusive
Industrial workforce
The Adoption of the
ISA-99 Industrial
Defense in Depth
Strategy
Flexible management policy towards
Cyber Security as an exclusive strategic
discipline for regulatory compliance
10
Industrial
Cyber
Security
Multi-level
Network
Protection
Pro-active Threat
Assessment
Exclusive
Industrial Cyber
Workforce
Industrial workforce
that caters to industrial
network security in
future factories
ISA-99 Industrial
Automation & Control
Systems Security
(IACS) approach
Demilitarized
Zones (DMZs)
Cellular
Design
Continuous risk assessment of cyber
threats with third party organizations
for regular updates
The post-Stuxnet era will see the dawn of greater
industrial cyber regulations and standards.Source: Frost & Sullivan Analysis.
Key Takeaway for IA Vendors
The current ACS product portfolio needs to be re-designed
to meet the needs of the next-generation enterprise.
The on-set of regulations and security standards is likely to
improve end-user investments in implementing robust
security mechanisms
11
Emphasis on cyber security will provide new avenues for
commercial IT vendors to improve their market presence in
the industrial landscape.
A new league of partnerships between IA vendors and
commercial IT vendors will become the order of the day in
future factories.
Source: Frost & Sullivan Analysis.
Next Steps
Develop Your Visionary and Innovative SkillsGrowth Partnership Service Share your growth thought leadership and ideas or
join our GIL Global Community
12
Join our GIL Community NewsletterKeep abreast of innovative growth opportunities
Your Feedback is Important to Us
Growth Forecasts?
Competitive Structure?
What would you like to see from Frost & Sullivan?
13
Emerging Trends?
Strategic Recommendations?
Other?
Please inform us by “Rating” this presentation.
Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter
http://www.facebook.com/FrostandSullivan
http://www.linkedin.com/companies/4506
14
http://twitter.com/frost_sullivan
http://www.linkedin.com/companies/4506
http://www.slideshare.net/FrostandSullivan
For Additional Information
Karthik Sundaram
Senior Research Analyst,
Industrial Automation & Process Control -
Europe
+91 44 6681 4179
Anna Zanchi
Marketing & Communications Executive,
Industrial Automation & Process Control -
Europe
+39.02.4651 4819
15
Muthukumar Viswanathan
Practice Director,
Industrial Automation & Process Control -
Europe
+44 20 7915 7804
Sivakumar Narayanswamy
Program Manager,
Industrial Automation & Process Control -
Europe
+91 44 6681 4186