The need for resilience in national infrastructure

November 2018 Government and Parastatal (Industry), Cyber Security, Security Services & Risk Management

The industries and infrastructure on which so much of our daily lives depend are deep in the midst of mass digitisation. Whether it’s processing huge quantities of data or using smart technologies to connect together the grid networks and devices which power our towns and cities, it’s out with paper-filled filing cabinets and legacy systems and in with software-defined and data-driven infrastructure.

While there are a great many benefits to be gleaned from this digital transformation, there is one obvious caveat: with digitisation comes the potential for cyber attackers to undermine and attack our critical national infrastructure.

Kate Mollett
Kate Mollett

An international data-driven vision

The appetite for digitisation is not only industry-wide, it’s international. By 2020, it’s expected that 72% of European consumers will have a smart meter for electricity, while figures from the European Commission’s most recent benchmark indicate these smart meters are registering 3% electricity savings on average. Data availability is fundamental to the success of smart metering with energy providers looking to ‘gamify’ the process of saving energy. According to a 2018 Energy Research & Social Science report, engaging residential energy users through gamification and providing information about consumption levels which they can compare against neighbours and friends is crucial to nudge them towards reducing consumption.

Taking a step back from energy consumption and thinking about its production, data has been described as the new oil – an even more valuable resource for the oil and gas exploration industry than crude itself. Data science experts assert that collecting big data analytics and real-time analysis can improve oil and gas production by 6-8%.

As well as improving product yields, in the world of drilling and completion, data quite literally gives sight to the blind, enabling engineers to better understand the risk of drilling certain wells, as well as improve the accuracy of drilling methods to reduce risk and increase production. Given the sheer volumes of data which oil and gas companies produce on a daily basis, digital transformation is not only necessary but must be rapid and continuous.

The challenge when it comes to digitising grid systems such as electricity, oil, gas and water is that once a network is software-defined it no longer needs to be unplugged at the mains or experience a sudden loss of power for outages to occur. Effectively, there is another way of turning off the lights and that is through a cyber breach. The cyber-attack on German energy firm EnBW last year and Siemens research finding that oil and gas firms are the most hacked serve as significant warnings that national infrastructure providers are primary targets for hackers.

Given the critical nature of power networks, in the era of ransomware and extortion-led hacking, it’s wholly unsurprising that they are subject to cyber-attack. While cybersecurity is of paramount importance, attacks cannot always be stopped at source, which means energy firms need robust recovery processes in place to minimise downtime.

Given that even a minor outage can be catastrophic and costly for these companies, investing in an always-on operational solution is of primary importance. Combined with a data management strategy that takes a holistic view of data across its lifecycle, a dedicated enterprise platform helps businesses reap the benefits of intelligent data management, ensuring that data is always protected, compliant and available.

Mitigating disaster in the clouds

Another industry which, for obvious reasons, has to take every imaginable precaution to protect against minor outages is aviation. Aircraft operate on some of the most highly sophisticated and secure computer systems known to man, but no computerised system is 100% immune from cyber-attack. While we tend to think of incredibly dramatic scenarios such as planes falling from the sky as hackers take control of the cockpit, the more likely security risks facing airlines regard passenger data.

Airlines are increasingly using artificial intelligence (AI) to perform end-to-end passenger identification and check-in procedures. Delta, for example, has invested in automated self-service bag checking kiosks and facial recognition technologies powered by AI as it believes the introduction of these technologies can greatly improve the customer flying experience.

The increasing volumes of aviation and airline data is one thing, but the diversity of this data is a whole different challenge. On one hand, you have the data being emitted from the aircraft, radio systems, baggage handlers, online check-in systems and security kiosks which all must be highly secured, anonymised, filtered and analysed in real-time as well as being stored and archived appropriately. Furthermore, airlines collect huge volumes of personal data from the millions of flyers each year. As well as highly sensitive personal details, this also includes banking and payment information.

Given the diverse array of data at the fingertips of aviation, as well as other private and public transport industries, companies are adopting multi-cloud strategies to guarantee a high level of data availability without compromising on data protection. A multi cloud environment, coupled with a best-in-class Disaster Recovery as a Service (DRaaS) solution, means operators can create user-friendly platforms and customer experiences, with a guaranteed level of service and failover.

If, as many commentators have suggested, data truly is the new oil, powering the digital transformation of everything, then national and international infrastructure providers must treat it as such. In doing so, data will become a hyper-available entity, which is protected by the most secure systems software engineers can build and mined for with increasing accuracy and enthusiasm. As crude oil is one of the most sought after substances by thieves, data has become the score which cyber-criminals aim for. Therefore, data-driven industries and enterprises must ensure that data is secure, protected and compliant, and that intelligent data management platforms are implemented and achieve their most critical business outcomes.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Putting secondary storage to work
September 2019 , IT infrastructure, Security Services & Risk Management
By 2022, more than 80% of enterprise data will be stored in scale-out storage systems in enterprise and cloud data centres, up from 40% in 2018.

Read more...
ContinuitySA offers Complete Continuity Practitioner in October
September 2019, ContinuitySA , Training & Education, Security Services & Risk Management
ContinuitySA is offering its popular five-day Complete Continuity Practitioner Programme on 21-25 October 2019 at its offices in Midrand.

Read more...
Security workforce compliance tool
September 2019 , Security Services & Risk Management
To maintain service excellence across a security workforce is impossible without the help of information systems and technology.

Read more...
Call back the past
September 2019, SCAN RF Projects , Security Services & Risk Management
Two-way radios are still very relevant in the security world and have gone through significant advances over the past few years to enable them to keep up with the expectations of people in today?s connected world.

Read more...
Check Point appoints new regional director for Africa
September 2019 , News, Cyber Security
Check Point Software Technologies has appointed Pankaj Bhula as regional director for Africa.

Read more...
ISO standard for protecting personal data
September 2019 , News, Cyber Security
Tackling privacy information management head on: first ISO standard for protecting personal data has been published.

Read more...
The hunt for the Carbanak group
September 2019 , Editor's Choice, Cyber Security, News
Tomorrow Unlocked has released a free four-part documentary that tells the story of the notorious Carbanak APT group and its $1 billion bank heist.

Read more...
Building automation vulnerable to hacks
September 2019 , News, Cyber Security
New vulnerability revealed in Internet-connected building automation devices at the DEF CON IoT Village that could impact critical building systems.

Read more...
X-rays in 3D
September 2019, XPro Security Solutions , Editor's Choice, Security Services & Risk Management
Hi-Tech Security Solutions asked Greg Dixon, director of XPro, for some insights into X-ray scanning and its pros and cons in today?s volatile world.

Read more...
Smart Inspection Unit developed by Roteck
September 2019 , Editor's Choice, Security Services & Risk Management
Roteck has announced a portable personnel and bag scanning unit that can easily be transported, set up and used in almost any location.

Read more...