& cplSiteName &

A Critical Time for Critical Infrastructure

Dan O'Shea
8/13/2015
100%
0%

What's a lifeline service? In the telecom industry, we used to say landline voice was such a service, but that's certainly no longer the case. Mobile or broadband Internet? To many people, those services seem like lifelines.

What about electricity, nuclear power, other forms of energy like oil and gas? Or transportation systems -- highways, railways and airline networks? And don't forget public safety -- everything from the local first responders to national homeland security and border management. There's little argument that all of the above are lifeline services as much as any telecom service is.

Yet, despite the extreme importance of these services, some of the world's critical infrastructure for enabling these lifeline services could be at risk for potentially devastating cyber security attacks. We aren't necessarily talking about hacker schemes targeting the IT systems of the companies operating this infrastructure the way Target and Sony have suffered embarrassing breaches.

That's an issue, but even more concerning is the possibility of highly organized, malicious attacks intended to disable the operational technology (OT) frameworks -- communications infrastructure, supervisory control and data acquisition (SCADA) systems, industrial control devices, sensors and other gear -- of critical infrastructure operators.

If you don't think it's happened before consider that around the time of last year's Sony hack, there was a much less publicized cyberattack on a nuclear power plant in South Korea. The famed Stuxnet virus, which affected nuclear power plants in Iran and Russia (never mind for this discussion who perpetrated it) is another recent example.


Want to know more about critical infrastructure? Light Reading has a new critical infrastructure section dedicated to it. Check it out.


The threat affects every society on the planet, regardless of how secure you are with your own nation's place in the pecking order of global affairs, or how confident you are in your company's ability to protect its own infrastructure.

A recent report from Intel Security and the Aspen Homeland Security Program suggests that operators of critical infrastructure might be over-confident in their ability to defend against attacks and misunderstand the scale of the current threat environment.

In North America, this encroaching reality is one of the driving forces behind the North American Electric Reliability Corporation's (NERC) Critical Infrastructure Protection requirements. NERC CIP Version 5, which calls for utilities of all sizes to meet new cyber security protection requirements and has a compliance deadline of April 2016, less than nine months away.

All of this goes a long way to explain why Light Reading has recently started covering the critical infrastructure market. It's a sector approaching a critical juncture. (Sorry to overuse the "c" word, but it's more than apt.)

Many operators of critical infrastructure traditionally have a conservative attitude about spending on new technology, according to vendors that have worked with them. Even when given an end-of-life notice on a piece of equipment, they sometimes spend more time stocking up on spares and replacements than they do planning upgrades to the latest and greatest gear.

The drive to meet the NERC CIP v.5 requirements looks a lot like a turning point in the spending and upgrade practices of critical infrastructure operators. The rapid evolution of cyber security threats means they need to invest in their OT networks.

Along with the implementation of cyber security solutions, many of them are in a position to replace or modify traditional SCADA frameworks with with IP-based and mobile M2M connectivity. That's good news for many technology suppliers -- not only the GEs of the world, as you might imagine, but also an increasing number of traditional telecom vendors than have recognized the critical infrastructure market opportunity.

This period of critical infrastructure upgrades promises to be an interesting, exciting and possibly contentious time. Companies that don’t meet the NERC CIP v.5 requirements on time could face stiff fines. The clock is ticking -- toward next year's NERC deadline for sure -- but also potentially toward a growing cyber security threat that will be hard to stop with antiquated attitudes and technologies.

— Dan O'Shea, Managing Editor, Light Reading

(3)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
ChiefOpe74834
50%
50%
ChiefOpe74834,
User Rank: Light Beer
9/2/2015 | 5:49:07 PM
Critical Infrustructure requires physical security
This is a good article with relevant points.  But the issue of security is not limited to just cyber.  Without a real emphasis on technologically advanced methods to protect the physical aspects of infrastructure, there won't be any reason for concern with the cyber portion.  I just recently wrote an opinion on this in LinkedIn Pulse.
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
8/15/2015 | 12:28:14 PM
Re: critical infrastructure
In the United States, I think the patchwork of electricity providers is probably the scariest critical infrastructure issue that exists today. 

There are so many power utilities comprising both public and private. Some power providers are huge Fortune 500 companies. Others are small municipalities. All of these organizations must focus on keeping infrastructure safe, and it's not an easy thing to do. 
Steve Saunders
50%
50%
Steve Saunders,
User Rank: Blogger
8/14/2015 | 9:18:21 AM
critical infrastructure
Great article. 

who are the key players in this market? 
More Blogs from DOS Attack
Ciena and ADVA separately show off the ability for their new data center interconnect gear to address a variety of distance needs.
The utility industry is keeping TDM alive, but maybe not for much longer.
Vendor CEOs make a lot of money, but we have a list of those who made more than most.
Mike Birck guided Tellabs for more than 30 years over a span of five decades.
Featured Video
From The Founder
John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.
Flash Poll
Upcoming Live Events
September 12, 2018, Los Angeles, CA
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 6, 2018, London, United Kingdom
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Adtran Will Be a 5G Winner, Says Analyst
Iain Morris, News Editor, 7/19/2018
Trump Trashes EU's $5B Google Fine
Dan Jones, Mobile Editor, 7/19/2018
Get Off My Wireline Lawn!
Carol Wilson, Editor-at-large, 7/17/2018
Eurobites: EU Socks Google With $5B Monster-Fine for Android Control-Freakery
Paul Rainford, Assistant Editor, Europe, 7/18/2018
Netflix Is Growing, but Don't Ask by How Much
Phil Harvey, US News Editor, 7/16/2018
Upcoming Webinars
Webinar Archive
Animals with Phones
Casual Tuesday Takes On New Meaning Click Here
When you forget your pants.
Latest Comment
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed