- Along with restricted access policies, layered solutions help reduce vulnerabilities related to remote access, finds Frost & Sullivan
MOUNTAIN VIEW, California, June 4, 2015 /PRNewswire/ -- In a world defined by closer integration and connectivity, the points of vulnerability that were often overlooked are evolving into potential threat vectors. The influx of smart technologies such as the Internet of Things, cloud and mobility coupled with multiple networks and diversified assets increases the overall threat surface area. The use of a common information technology (IT) platform networking hardware to communicate with substation intelligent electronic devices (IEDs) also makes cybersecurity a growing concern. Apart from addressing the challenges stemming from heterogeneity in asset characterizations, proliferation of intelligent devices and regulatory demands, the need to counter targeted, advanced and persistent threats is fuelling cybersecurity adoption in the US power industry.
New analysis from Frost & Sullivan, Cybersecurity in the US Power Industry (https://www.frost.com/nf0a), finds that the scale of security implementation will depend on the industry's capability to suitably integrate the IT and operational technology worlds. Security intelligence and event management (SIEM) and real-time threat processing will be the most prevalent on-demand security intelligence platforms.
Networks, such as those present in utilities and critical infrastructure facilities, send and receive large volumes of sensitive data in real-time outside industrial networks. Meanwhile, the deployment of smart grids brings up the issue of data privacy.
"Employing a layered or in-depth defense strategy will help reduce vulnerabilities," said Frost & Sullivan Industrial Automation and Process Control Senior Research AnalystSonia Francisco. "Monitoring and controlling endpoints and networks through multifactor authentication, and restricted process area access can go a long way in overriding the risks of distributed assets."
While regulatory compliance is the main driver for uptake of cybersecurity, utilities remain unsure of the reliability and returns associated with investing in these solutions. End users remain skeptical since there is never a guarantee of full protection even with the use of firewalls, intrusion detection and prevention systems, as all software-based solutions are penetrable.
The lack of awareness on the implications of keeping unprotected assets and the increasing complexity of regulations also deter utilities from deploying cybersecurity systems. Moreover, products are often provided by niche suppliers that do not commonly work with enterprise IT platforms, and therefore do not meet end-user needs.
"Air gapping coupled with the use of proprietary communication protocols was, for a long time, the primary strategy employed by various power utilities," indicated Francisco." In a world that's becoming defined by closer integration and connectivity, successful implementation of industrial security solutions in the future will depend on the seamless merging of information technology and operational technology."
Cybersecurity in the US Power Industry is a Strategic Insight that is part of the Industrial Automation & Process Control (http://www.industrialautomation.frost.com) Growth Partnership Service program. This study examines emerging trends and best practices in the US power industry that will impact the cybersecurity market. The study also analyzes the current state of cybersecurity preparedness, unmet needs and industry challenges based on a series of Frost & Sullivan-moderated online discussion boards with participants in the power, chemicals and petrochemicals, and oil and gas industries.
About Frost & Sullivan
Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants.
Our "Growth Partnership" supports clients by addressing these opportunities and incorporating two key elements driving visionary innovation: The Integrated Value Proposition and The Partnership Infrastructure.
The Integrated Value Proposition provides support to our clients throughout all phases of their journey to visionary innovation including: research, analysis, strategy, vision, innovation and implementation.
The Partnership Infrastructure is entirely unique as it constructs the foundation upon which visionary innovation becomes possible. This includes our 360 degree research, comprehensive industry coverage, career best practices as well as our global footprint of more than 40 offices.
For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector and the investment community. Is your organization prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?