The need for resilience in national infrastructure

1 November 2018 Government and Parastatal (Industry), Cyber Security, Security Services & Risk Management

The industries and infrastructure on which so much of our daily lives depend are deep in the midst of mass digitisation. Whether it’s processing huge quantities of data or using smart technologies to connect together the grid networks and devices which power our towns and cities, it’s out with paper-filled filing cabinets and legacy systems and in with software-defined and data-driven infrastructure.

While there are a great many benefits to be gleaned from this digital transformation, there is one obvious caveat: with digitisation comes the potential for cyber attackers to undermine and attack our critical national infrastructure.

Kate Mollett
Kate Mollett

An international data-driven vision

The appetite for digitisation is not only industry-wide, it’s international. By 2020, it’s expected that 72% of European consumers will have a smart meter for electricity, while figures from the European Commission’s most recent benchmark indicate these smart meters are registering 3% electricity savings on average. Data availability is fundamental to the success of smart metering with energy providers looking to ‘gamify’ the process of saving energy. According to a 2018 Energy Research & Social Science report, engaging residential energy users through gamification and providing information about consumption levels which they can compare against neighbours and friends is crucial to nudge them towards reducing consumption.

Taking a step back from energy consumption and thinking about its production, data has been described as the new oil – an even more valuable resource for the oil and gas exploration industry than crude itself. Data science experts assert that collecting big data analytics and real-time analysis can improve oil and gas production by 6-8%.

As well as improving product yields, in the world of drilling and completion, data quite literally gives sight to the blind, enabling engineers to better understand the risk of drilling certain wells, as well as improve the accuracy of drilling methods to reduce risk and increase production. Given the sheer volumes of data which oil and gas companies produce on a daily basis, digital transformation is not only necessary but must be rapid and continuous.

The challenge when it comes to digitising grid systems such as electricity, oil, gas and water is that once a network is software-defined it no longer needs to be unplugged at the mains or experience a sudden loss of power for outages to occur. Effectively, there is another way of turning off the lights and that is through a cyber breach. The cyber-attack on German energy firm EnBW last year and Siemens research finding that oil and gas firms are the most hacked serve as significant warnings that national infrastructure providers are primary targets for hackers.

Given the critical nature of power networks, in the era of ransomware and extortion-led hacking, it’s wholly unsurprising that they are subject to cyber-attack. While cybersecurity is of paramount importance, attacks cannot always be stopped at source, which means energy firms need robust recovery processes in place to minimise downtime.

Given that even a minor outage can be catastrophic and costly for these companies, investing in an always-on operational solution is of primary importance. Combined with a data management strategy that takes a holistic view of data across its lifecycle, a dedicated enterprise platform helps businesses reap the benefits of intelligent data management, ensuring that data is always protected, compliant and available.

Mitigating disaster in the clouds

Another industry which, for obvious reasons, has to take every imaginable precaution to protect against minor outages is aviation. Aircraft operate on some of the most highly sophisticated and secure computer systems known to man, but no computerised system is 100% immune from cyber-attack. While we tend to think of incredibly dramatic scenarios such as planes falling from the sky as hackers take control of the cockpit, the more likely security risks facing airlines regard passenger data.

Airlines are increasingly using artificial intelligence (AI) to perform end-to-end passenger identification and check-in procedures. Delta, for example, has invested in automated self-service bag checking kiosks and facial recognition technologies powered by AI as it believes the introduction of these technologies can greatly improve the customer flying experience.

The increasing volumes of aviation and airline data is one thing, but the diversity of this data is a whole different challenge. On one hand, you have the data being emitted from the aircraft, radio systems, baggage handlers, online check-in systems and security kiosks which all must be highly secured, anonymised, filtered and analysed in real-time as well as being stored and archived appropriately. Furthermore, airlines collect huge volumes of personal data from the millions of flyers each year. As well as highly sensitive personal details, this also includes banking and payment information.

Given the diverse array of data at the fingertips of aviation, as well as other private and public transport industries, companies are adopting multi-cloud strategies to guarantee a high level of data availability without compromising on data protection. A multi cloud environment, coupled with a best-in-class Disaster Recovery as a Service (DRaaS) solution, means operators can create user-friendly platforms and customer experiences, with a guaranteed level of service and failover.

If, as many commentators have suggested, data truly is the new oil, powering the digital transformation of everything, then national and international infrastructure providers must treat it as such. In doing so, data will become a hyper-available entity, which is protected by the most secure systems software engineers can build and mined for with increasing accuracy and enthusiasm. As crude oil is one of the most sought after substances by thieves, data has become the score which cyber-criminals aim for. Therefore, data-driven industries and enterprises must ensure that data is secure, protected and compliant, and that intelligent data management platforms are implemented and achieve their most critical business outcomes.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

From physical security to cybersecurity
Access & Identity Management Handbook 2020, Genetec , Cyber Security, Security Services & Risk Management
Genetec discusses the security-of-security concept as a means to protect cameras, door controllers and other physical security devices and systems against cybercriminal activity.

Read more...
Biometrics in identity
Access & Identity Management Handbook 2020 , Access Control & Identity Management, Security Services & Risk Management
With multiple identity providers offering to manage digital identities for the general public, the root identity – the single sovereign trusted identity upon which all others are based – must start with government.

Read more...
Securing perimeters of secure locations
November 2019, Axis Communications SA, Modular Communications, Hikvision South Africa, Nemtek Electric Fencing Products, Technews Publishing, Stafix , Government and Parastatal (Industry), Perimeter Security, Alarms & Intruder Detection, Integrated Solutions
Hi-Tech Security Solutions asked a number of companies offering perimeter security solutions for their insights into protecting the boundaries of national key points.

Read more...
What are the cybersecurity issues in video surveillance?
November 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
he importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

Read more...
Cyber-securing your surveillance infrastructure
CCTV Handbook 2019, Genetec, Hikvision South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
When it comes to cybersecurity, understanding the risks and the solutions as well as engaging in open communication helps everyone.

Read more...
Keeping your things to yourself
October 2019, Technews Publishing , Editor's Choice, Cyber Security, Integrated Solutions, IT infrastructure
Three experts spoke to Hi-Tech Security Solutions to offer advice on keeping your IoT working for you and not for cyber criminals.

Read more...
IoT in security
October 2019, Duxbury Networking, Technews Publishing , Editor's Choice, Cyber Security, Integrated Solutions, IT infrastructure
Using the Internet of Things is not really optional these days, but securing the Internet of Things is compulsory, no matter what industry you operate in.

Read more...
ContinuitySA offers ISO 22301 Lead Implementer course
October 2019, ContinuitySA , Training & Education, Security Services & Risk Management, Transport (Industry)
ContinuitySA is once again offer its five-day Certified ISO 22301 Lead Implementer course on 18-22 November 2019 at the company's Midrand facility.

Read more...
Preparing your data for PoPI
September 2019 , IT infrastructure, Security Services & Risk Management
When it comes to protecting any information, the way data is secured across the value chain needs to be addressed.

Read more...
NFa2p security certification
October 2019 , News, Cyber Security
Advisor Advanced obtains the highest level of certification to the NFa2p Electronic Security Standard for a complete security system.

Read more...