The need for resilience in national infrastructure
November 2018, Government and Parastatal (Industry), Cyber Security, Security Services & Risk Management
The industries and infrastructure on which so much of our daily lives depend are deep in the midst of mass digitisation. Whether it’s processing huge quantities of data or using smart technologies to connect together the grid networks and devices which power our towns and cities, it’s out with paper-filled filing cabinets and legacy systems and in with software-defined and data-driven infrastructure.
While there are a great many benefits to be gleaned from this digital transformation, there is one obvious caveat: with digitisation comes the potential for cyber attackers to undermine and attack our critical national infrastructure.
An international data-driven vision
The appetite for digitisation is not only industry-wide, it’s international. By 2020, it’s expected that 72% of European consumers will have a smart meter for electricity, while figures from the European Commission’s most recent benchmark indicate these smart meters are registering 3% electricity savings on average. Data availability is fundamental to the success of smart metering with energy providers looking to ‘gamify’ the process of saving energy. According to a 2018 Energy Research & Social Science report, engaging residential energy users through gamification and providing information about consumption levels which they can compare against neighbours and friends is crucial to nudge them towards reducing consumption.
Taking a step back from energy consumption and thinking about its production, data has been described as the new oil – an even more valuable resource for the oil and gas exploration industry than crude itself. Data science experts assert that collecting big data analytics and real-time analysis can improve oil and gas production by 6-8%.
As well as improving product yields, in the world of drilling and completion, data quite literally gives sight to the blind, enabling engineers to better understand the risk of drilling certain wells, as well as improve the accuracy of drilling methods to reduce risk and increase production. Given the sheer volumes of data which oil and gas companies produce on a daily basis, digital transformation is not only necessary but must be rapid and continuous.
The challenge when it comes to digitising grid systems such as electricity, oil, gas and water is that once a network is software-defined it no longer needs to be unplugged at the mains or experience a sudden loss of power for outages to occur. Effectively, there is another way of turning off the lights and that is through a cyber breach. The cyber-attack on German energy firm EnBW last year and Siemens research finding that oil and gas firms are the most hacked serve as significant warnings that national infrastructure providers are primary targets for hackers.
Given the critical nature of power networks, in the era of ransomware and extortion-led hacking, it’s wholly unsurprising that they are subject to cyber-attack. While cybersecurity is of paramount importance, attacks cannot always be stopped at source, which means energy firms need robust recovery processes in place to minimise downtime.
Given that even a minor outage can be catastrophic and costly for these companies, investing in an always-on operational solution is of primary importance. Combined with a data management strategy that takes a holistic view of data across its lifecycle, a dedicated enterprise platform helps businesses reap the benefits of intelligent data management, ensuring that data is always protected, compliant and available.
Mitigating disaster in the clouds
Another industry which, for obvious reasons, has to take every imaginable precaution to protect against minor outages is aviation. Aircraft operate on some of the most highly sophisticated and secure computer systems known to man, but no computerised system is 100% immune from cyber-attack. While we tend to think of incredibly dramatic scenarios such as planes falling from the sky as hackers take control of the cockpit, the more likely security risks facing airlines regard passenger data.
Airlines are increasingly using artificial intelligence (AI) to perform end-to-end passenger identification and check-in procedures. Delta, for example, has invested in automated self-service bag checking kiosks and facial recognition technologies powered by AI as it believes the introduction of these technologies can greatly improve the customer flying experience.
The increasing volumes of aviation and airline data is one thing, but the diversity of this data is a whole different challenge. On one hand, you have the data being emitted from the aircraft, radio systems, baggage handlers, online check-in systems and security kiosks which all must be highly secured, anonymised, filtered and analysed in real-time as well as being stored and archived appropriately. Furthermore, airlines collect huge volumes of personal data from the millions of flyers each year. As well as highly sensitive personal details, this also includes banking and payment information.
Given the diverse array of data at the fingertips of aviation, as well as other private and public transport industries, companies are adopting multi-cloud strategies to guarantee a high level of data availability without compromising on data protection. A multi cloud environment, coupled with a best-in-class Disaster Recovery as a Service (DRaaS) solution, means operators can create user-friendly platforms and customer experiences, with a guaranteed level of service and failover.
If, as many commentators have suggested, data truly is the new oil, powering the digital transformation of everything, then national and international infrastructure providers must treat it as such. In doing so, data will become a hyper-available entity, which is protected by the most secure systems software engineers can build and mined for with increasing accuracy and enthusiasm. As crude oil is one of the most sought after substances by thieves, data has become the score which cyber-criminals aim for. Therefore, data-driven industries and enterprises must ensure that data is secure, protected and compliant, and that intelligent data management platforms are implemented and achieve their most critical business outcomes.