& cplSiteName &

A Critical Time for Critical Infrastructure

Dan O'Shea
8/13/2015
100%
0%

What's a lifeline service? In the telecom industry, we used to say landline voice was such a service, but that's certainly no longer the case. Mobile or broadband Internet? To many people, those services seem like lifelines.

What about electricity, nuclear power, other forms of energy like oil and gas? Or transportation systems -- highways, railways and airline networks? And don't forget public safety -- everything from the local first responders to national homeland security and border management. There's little argument that all of the above are lifeline services as much as any telecom service is.

Yet, despite the extreme importance of these services, some of the world's critical infrastructure for enabling these lifeline services could be at risk for potentially devastating cyber security attacks. We aren't necessarily talking about hacker schemes targeting the IT systems of the companies operating this infrastructure the way Target and Sony have suffered embarrassing breaches.

That's an issue, but even more concerning is the possibility of highly organized, malicious attacks intended to disable the operational technology (OT) frameworks -- communications infrastructure, supervisory control and data acquisition (SCADA) systems, industrial control devices, sensors and other gear -- of critical infrastructure operators.

If you don't think it's happened before consider that around the time of last year's Sony hack, there was a much less publicized cyberattack on a nuclear power plant in South Korea. The famed Stuxnet virus, which affected nuclear power plants in Iran and Russia (never mind for this discussion who perpetrated it) is another recent example.


Want to know more about critical infrastructure? Light Reading has a new critical infrastructure section dedicated to it. Check it out.


The threat affects every society on the planet, regardless of how secure you are with your own nation's place in the pecking order of global affairs, or how confident you are in your company's ability to protect its own infrastructure.

A recent report from Intel Security and the Aspen Homeland Security Program suggests that operators of critical infrastructure might be over-confident in their ability to defend against attacks and misunderstand the scale of the current threat environment.

In North America, this encroaching reality is one of the driving forces behind the North American Electric Reliability Corporation's (NERC) Critical Infrastructure Protection requirements. NERC CIP Version 5, which calls for utilities of all sizes to meet new cyber security protection requirements and has a compliance deadline of April 2016, less than nine months away.

All of this goes a long way to explain why Light Reading has recently started covering the critical infrastructure market. It's a sector approaching a critical juncture. (Sorry to overuse the "c" word, but it's more than apt.)

Many operators of critical infrastructure traditionally have a conservative attitude about spending on new technology, according to vendors that have worked with them. Even when given an end-of-life notice on a piece of equipment, they sometimes spend more time stocking up on spares and replacements than they do planning upgrades to the latest and greatest gear.

The drive to meet the NERC CIP v.5 requirements looks a lot like a turning point in the spending and upgrade practices of critical infrastructure operators. The rapid evolution of cyber security threats means they need to invest in their OT networks.

Along with the implementation of cyber security solutions, many of them are in a position to replace or modify traditional SCADA frameworks with with IP-based and mobile M2M connectivity. That's good news for many technology suppliers -- not only the GEs of the world, as you might imagine, but also an increasing number of traditional telecom vendors than have recognized the critical infrastructure market opportunity.

This period of critical infrastructure upgrades promises to be an interesting, exciting and possibly contentious time. Companies that don’t meet the NERC CIP v.5 requirements on time could face stiff fines. The clock is ticking -- toward next year's NERC deadline for sure -- but also potentially toward a growing cyber security threat that will be hard to stop with antiquated attitudes and technologies.

— Dan O'Shea, Managing Editor, Light Reading

(3)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
ChiefOpe74834
50%
50%
ChiefOpe74834,
User Rank: Light Beer
9/2/2015 | 5:49:07 PM
Critical Infrustructure requires physical security
This is a good article with relevant points.  But the issue of security is not limited to just cyber.  Without a real emphasis on technologically advanced methods to protect the physical aspects of infrastructure, there won't be any reason for concern with the cyber portion.  I just recently wrote an opinion on this in LinkedIn Pulse.
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
8/15/2015 | 12:28:14 PM
Re: critical infrastructure
In the United States, I think the patchwork of electricity providers is probably the scariest critical infrastructure issue that exists today. 

There are so many power utilities comprising both public and private. Some power providers are huge Fortune 500 companies. Others are small municipalities. All of these organizations must focus on keeping infrastructure safe, and it's not an easy thing to do. 
Steve Saunders
50%
50%
Steve Saunders,
User Rank: Blogger
8/14/2015 | 9:18:21 AM
critical infrastructure
Great article. 

who are the key players in this market? 
More Blogs from DOS Attack
Ciena and ADVA separately show off the ability for their new data center interconnect gear to address a variety of distance needs.
The utility industry is keeping TDM alive, but maybe not for much longer.
Vendor CEOs make a lot of money, but we have a list of those who made more than most.
Mike Birck guided Tellabs for more than 30 years over a span of five decades.
From The Founder
Following a recent board meeting, the New IP Agency (NIA) has a new strategy to help accelerate the adoption of NFV capabilities, explains the Agency's Founder and Secretary, Steve Saunders.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Interviews
BT's McRae Sheds Light on 4K Strategy

5|25|17   |   4:45   |   (0) comments


At Light Reading's Big Communications Event 2017 in Austin, Texas, BT Group's Chief Network Architect Neil McRae talks about what it took for BT to broadcast live sports in 4K. Catch up with all our BCE coverage at http://www.lightreading.com/bce.asp.
From the Founder
How the NIA Aims to Advance NFV

5|25|17   |   08:07   |   (0) comments


Following a recent board meeting, the New IP Agency (NIA) has a new strategy to help accelerate the adoption of NFV capabilities, explains the Agency's Founder and Secretary, Steve Saunders.
LRTV Custom TV
Better Solutions That Address Growing Scale

5|25|17   |     |   (0) comments


For Comcast, the X1 rollout and 17-fold increases in broadband speeds in the past 16 years are among factors driving the need for Energy 2020 solutions that reduce cost and consumption, says Mark Hess.
LRTV Custom TV
Ethernity Network Delivers Instant Offloading of Network Functions With All-Programmable Intelligent NIC

5|25|17   |     |   (0) comments


David Levi, CEO of Ethernity Networks, explains that programmability of the hardware makes the company's All-Programmable Intelligent NIC uniquely beneficial for communications service providers that need advanced data appliances with agile support of virtualization. Utilizing the company's patented network processing technology, Ethernity offers data path ...
LRTV Documentaries
BCE 2017: Vodafone Gets Obsessed With Cloud-Native

5|25|17   |     |   (0) comments


Vodafone's Matt Beal updates us on Project Ocean and explains why simple virtualization isn't enough of a goal for network transformation. Catch up with other BCE 2017 keynotes and news at http://www.lightreading.com/bce.asp.
LRTV Documentaries
BCE 2017: Intel's Take on Network Transformation

5|24|17   |     |   (0) comments


In this BCE 2017 keynote, Lynn Comp discusses Intel's vision for areas such as analytics, automation and service assurance. For more videos and BCE coverage, see http://www.lightreading.com/bce.asp.
LRTV Documentaries
Order From Chaos: The Steve Saunders BCE Keynote

5|24|17   |   17:27   |   (0) comments


Kicking off BCE 2017, Light Reading founder Steve Saunders lays blame for NFV's slow ramp-up and urges telecom to return to old-fashioned standards building and interoperability testing.
Think of this as the video sequel to the recent columns he's written about NFV and the prospect of a telecom app store. (See

LRTV Documentaries
Service Provider Panel: Partnering in the Digital Era

5|22|17   |     |   (0) comments


Coopetition has always been part of telecom, but the ecosphere now includes data centers, vendors, apps developers, cloud service providers and Internet content providers. This BCE 2017 panel explores the new attitudes among network operators as to the value and variety of ...
LRTV Interviews
Site Demo: AT&T's IoT Flow Platform

5|19|17   |   04:25   |   (0) comments


At AT&T's R&D center in Tel Aviv, Israel, project leader Eyal Segev talks about the operator's Flow platform and how it helps to prototype IoT applications.
LRTV Documentaries
Agent of Change: A Q&A With AT&T's John Donovan

5|18|17   |     |   (0) comments


Carol Wilson talks with the man leading AT&T's transformation efforts about the challenge of change.
LRTV Documentaries
BCE Service Provider Panel: The New Business Realities

5|18|17   |     |   (0) comments


For virtualization to happen, the telecom industry first has to grapple with key functional aspects of SDN and NFV that need to be universal, such as onboarding of virtualized network functions and federation of software-defined networks.
LRTV Interviews
BCE Service Provider Keynote: CenturyLink

5|16|17   |   22:32   |   (0) comments


Aamir Hussain leads the Product Development and Technology organization at CenturyLink, which includes the company's information technology function. He is an experienced senior technology executive with more than 25 years of proven success in the implementation of global technology operations, operationalization of complex technology, infrastructures and business ...
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
Cities Clamor for More Clout at FCC
Mari Silbey, Senior Editor, Cable/Video, 5/23/2017
What's Blocking 4K TV Today
Alan Breznick, Cable/Video Practice Leader, Light Reading, 5/22/2017
Sonus & Genband Finally Combine to Form $745M Company
Dan Jones, Mobile Editor, 5/23/2017
Fright Wigs & Cocktails: BCE 2017 in Pics
Mitch Wagner, Editor, Enterprise Cloud, 5/19/2017
Apple Looking to Cook 5G Test Devices
Dan Jones, Mobile Editor, 5/24/2017
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
One of the nice bits of my job (other than the teeny tiny salary, obviously) is that I get to pick and choose who I interview for this slot on the Light Reading home ...
TEOCO Founder and CEO Atul Jain talks to Light Reading Founder and CEO Steve Saunders about the challenges around cost control and service monetization in the mobile and IoT sectors.
Animals with Phones
What Brogrammers Look Like to the Rest of Us Click Here
Live Digital Audio

Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.