How Vulnerable is your Operational Technology System?

5/5 (2)

5/5 (2)

In recent times, there appears to be a shift in motive for cyber-attacks – along with common data theft, there is a proliferation of attacks aimed at the business interruption and physical incapacitation of business operations. We have witnessed an alarming increase in high-profile attacks on manufacturing businesses and critical infrastructure providers, globally.

This appears to be a global phenomenon. Honda manufacturing plants went offline in June after a cyber-attack compromised some of the Japanese automaker’s facilities. The same pattern emerged in a separate attack at the same time targeting Edesur S.A., a company belonging to the Enel Group that confirmed its internal IT network was disrupted due to a ransomware attack, which was caught by antivirus software before the malware could infect. Both companies had machines with Internet-accessible remote desktop servers, which is a favorite infection method among attackers nowadays. One of Australia’s largest brewers, Lion also faced a ransomware outbreak, last month. In Israel, it was reported that a cyber-attack very nearly poisoned the water supply with the attackers attempting to overload the water system with chlorine, and in recent days, a fire and explosion at an Iranian nuclear plant is suspected of being caused by cyber-attack.

These attacks highlight the need for appropriate investments in cybersecurity by companies and municipalities that own or operate critical infrastructure, properties (including places of public congregation, retailers and others) that are rapidly deploying a suite of operational technologies, and businesses in the manufacturing sector.

Operational Technology (OT) is the backbone of modern industrial operations and is a network of multiple computing systems that perform operations including production line management, operations control and industrial monitoring. OT can further include specific computing systems like industrial control systems (ICS) which is a collection of control systems used to operate and/or automate industrial processes. There are several types of ICSs, the most common of which are Supervisory Control and Data Acquisition (SCADA) systems, and Distributed Control Systems (DCS). With such industrial systems and smart end-user products connected by a common network, several vulnerabilities may appear.

In OT security, the focus is much less on information, but more on the industrial process that technology controls. Hence, availability and integrity are often more important than confidentiality. Any organisation employing OT should employ continual risk-based assessments of their cybersecurity posture to prioritise and tailor recommended guidelines and solutions to fit specific security, business, and operational requirements.

Why is OT More Vulnerable?

OT systems are versatile and can be found in all kinds of industrial settings and infrastructures like smart buildings, oil and gas, energy generation/distribution, mining, wastewater treatment/distribution, manufacturing, food production, consumer devices and transport. In fact, almost every business in 2020 has an element of IoT within their operations.

A big issue with OT is that a lot of the technology in place is over 20 years old and therefore was not designed to provide the security capabilities required to face cyber threats in 2020. Legacy technology often requires legacy hardware and software to support it – much of which is the end of life and unsupported by the vendors (for example, consider SCADA systems still reliant on Windows NT or older Unix based systems, which have not been supported by their vendors for many years).

OT systems have also been damaged as unintended side effects of problems starting in corporate networks that took advantage of increasing connectivity, proving clearly that the standard PCs that now form part of a typical organisation’s IT environment are in turn used to manage OT systems and become a major vector for such cyber-attacks.

When it comes to OT, safety and reliability are the primary concerns as attackers aim to disrupt the critical services industry and their customers rely upon them. Given the increasing propensity of connecting OT systems with corporate networks for ease of management and the growing use of IoT systems, the likelihood of such systems being affected by vulnerabilities exploitable over the network is increasing exponentially.

For almost every business – not just critical infrastructure providers – most technologies we deploy include connectivity to the internet. Not knowing what systems and external access to these systems that your business is introducing in its everyday technology investment create significant risks to the broader business operations.

Manufacturing businesses and critical infrastructure providers realise that there is need to re-evaluate their cybersecurity measures, in the wake of the COVID-19 crisis, according to the findings of the Ecosystm’s ongoing “Digital Priorities in the New Normal” study (Figure 1).Impact of COVID-19 on manufacturing businesses and infrastructure providers

But these measures may not be sufficient, as indicated by the slew of cyber-attacks on these organisations.

Why are these attacks successful?

There are several reasons why OT attacks are successful:

  • Unauthorised access to internet-facing systems (e.g. deploying an IoT with the default username and password)
  • Introduction of a compromised device (e.g. USB stick) to the environment that infects the network (often employee action)
  • Exploitation of zero-day vulnerabilities in control devices and software
  • Propagated malware infections within isolated computer networks (i.e. The attacker can place a receiving device to make contact over a channel that can propagate across the isolated network)
  • SQL injection via exploitation of web application vulnerabilities
  • Network scanning and probing
  • Lateral movement (i.e. inadequate segmentation which results in attackers being able to move between systems, groups of systems, network zones and even geographical locations.)

How can they be prevented?

The mitigation cannot rely solely on the organisation building security around the deployment nor can it be a reactive approach to fixing vulnerabilities in production, as they are identified. It begins with the OT vendors building security within; however, as with most IT systems and applications, this will evolve over time. For example, there is an initiative in Australia – driven by the IoT Alliance Australia (IOTAA) – to introduce a ‘Trust Mark’ for IoT devices that pass a certification process for security and privacy in product development. This is targeted to launch in September 2020 but could take many years to gain real traction. Thus, for the foreseeable future, the best operational outcomes must be planned and managed by the consumers of the technologies.

Here are the best practices to reduce exploitable IoT weaknesses and attacks occurring in your business:

  • Maintain an accurate inventory of Operational Systems and eliminate any exposure of these systems to external networks
  • Establish clear roles and responsibilities for your organisation and your vendors, to ensure cybersecurity risk is being addressed and managed throughout the OT lifecycle
  • Implement network segmentation and apply firewalls between critical networks and systems.
  • Use secure remote access methods
  • Establish Role-Based Access Controls (RBAC) and implement system logging
  • Use only strong passwords, change default passwords, and consider other access controls (especially for any elevated privileges) such as multi-factor authentication, privileged access management solutions, etc.
  • Establish threat intelligence feeds from your OT vendors and security vendors to ensure you remain abreast of new vulnerabilities, software/firmware patches and threats targeting systems you employ
  • Develop and enforce policies on mobile devices, including strict device controls for any device connecting to OT systems or network zones
  • Implement an employee cybersecurity training program
  • Establish and maintain rigorous testing and patching program including vulnerability assessment and penetration testing
  • Implement measures for detecting compromises and develop a cybersecurity incident response plan with a specific focus on responding to a disruptive attack on your OT environment
  • Maintain an up-to-date Business Continuity Plan that can be deployed rapidly in response to a significant disruption

 


Gain Access to more data on organisations’ Cybersecurity priorities and investments
Get Started


1
SAP and Siemens Partner to Accelerate Industrial Automation

5/5 (1)

5/5 (1)

Last week industry leaders, SAP and Siemens, announced a partnership to bring together their respective expertise on creating integrated and enhanced solutions for product lifecycle management (PLM), supply chain, service and asset management, in a move that is expected to accelerate Industry 4.0 globally.

The partnership between SAP and Siemens aims to develop innovative business models to break silos between manufacturing, product development and service delivery teams to establish seamless customer-centric processes. It will provide users with real-time business information, customer insights and performance data over the entire product development cycle.

As the first step of this agreement, Siemens will offer SAP’s Intelligent Asset Management solution and Project and Portfolio Management applications and SAP will offer Siemens’ PLM suite Teamcenter software for product lifecycle collaboration and data management to manufacturers and business operators across the network – complementing each other’s solutions.

Ecosystm Principal Advisor, Kaushik Ghatak says, “The convergence of the Information Technology (IT) and the Operational Technology (OT) worlds is a must for companies to operate in the cyber physical world of Industry 4.0. Historically, these two worlds have operated in silos. This is a great partnership announcement aimed towards meeting the convergence goals by integrating the capabilities of Siemens (an OT leader), and SAP (an IT leader). Together they would be able to offer an exhaustive set of very valuable offerings in the Digital Supply Chain and Digital Manufacturing domain for customers worldwide.”

Ghatak says, “This is not the first such partnership for Siemens. A strategic alliance between Siemens and Atos has been in place since 2011. In 2018 the alliance was strengthened with plans to accelerate their joint business until 2020, with a focus on building innovative solutions by combining their capabilities. However, the difference this time is that SAP has very a deep and wide set of software offerings in the supply chain and manufacturing domains, which when stitched together with Siemens’ PLM solutions can provide true end-to-end digitalisation capabilities across the ‘Design, Source, Make, Deliver and Plan’ continuum of the value chain.”

Ecosystm Comments

Ghatak, however, cautions that while this is a great partnership announcement between two giants in their respective fields, they will need to collaborate actively on three key aspects for this partnership to deliver value for the customers.

  • Product Development. Building-integrated solutions with heterogenous data models is not easy. It will require very open collaboration between their product development teams to identify the use cases and build solutions that can enable seamless information flow and actions across the different software modules owned by each.
  • Go-to-market. Going to market jointly will need strong collaboration too. In terms of the agreement on customer account ownership, pricing, sharing of pre-sales resources and so on.
  • Implementation. And, last but not the least, it will require collaboration to ramp up the implementation capabilities of the jointly developed solutions.

Checkout insights from the Ecosystm IoT Study.Click on the link below to Access 👇
Ecosystm IoT Market Insights


0
Microsoft Strengthening their IoT Capabilities

5/5 (4)

5/5 (4)

Microsoft announced in 2018 that they were investing US$ 5 billion globally in IoT innovation and research for the next 4 years – the focus being on secure IoT, creating development tools and intelligent services for IoT and the edge, and on growing their partner ecosystem.

Last year Microsoft’s industry updates showcased several IoT implementations across industries and their edge-based solutions portfolio, customers and partner ecosystem. The tech giant revealed nearly 150% YoY growth with customers such as Starbucks, Chevron, Walmart, Walgreens, BMW and Volkswagen added to the Azure platform, leveraging IoT services to accelerate their digital transformation journey. Microsoft also announced more than 70 partnerships with some of the big names in the IoT ecosystem, such as  Universal Electronics, SAP, and Cradlepoint to extend solutions and support for the Microsoft IoT business.

Extending IoT Capabilities with Strategic Partnerships

There were several recent announcements which indicate that Microsoft is focused on strengthening their IoT and industry capabilities – and this is a timely move. Ecosystm Principal Advisor, Kaushik Ghatak says, “COVID-19 has brought to the fore the need for managing risks better. And the key to managing risks is to have better visibility and drive data-driven decisions; the sweet spot for IoT technologies. IoT is at the core of the Industry 4.0 story where deep domain expertise in industry verticals is a pre-requisite to success. It is heartening to see that Microsoft is taking the lead in building a powerful ecosystem by developing key partnerships with leading providers of Industry solutions.”

Last week, Microsoft and Hitachi announced a strategic alliance to accelerate the digital transformation of the Manufacturing and Logistics industries across Southeast Asia, Japan and North America. The first solutions are expected to be made available in Thailand as early as this month. Hitachi brings to the table their industry solutions, such as Lumada, and their IoT-ready industrial controllers HX Series. These solutions will be fully integrated with the Microsoft cloud platform, leveraging Azure, Dynamics 365 and Microsoft 365.

The three areas where the Hitachi solution is expected to bring strength to Microsoft’s industry offering are:

  • Process optimisation and increased manufacturing productivity. Hitachi Digital Supply Chain and Azure IoT leveraged to analyse 4M data collected from manufacturing sites for visualisation/ analysis of production processes
  • Logistics optimisation. Digital technologies such as Azure Maps and Hitachi Digital Solution for Logistics/Delivery Optimisation Service to analyse data on parameters such as traffic congestion, storage locations and delivery locations, to enabling smart routing
  • Predictive maintenance and remote assist. HoloLens 2, Dynamics 365 Remote Assist and other smart devices, to empower first-line workers

Ecosystm Principal Advisor, Niloy Mukherjee feels that with projections of 43 – 100 billion IoT connected devices in the next few years, IoT is obviously a hot space. “We can think of IoT as a stack with four layers – the devices/sensors, the connection layer, the cloud and computing layer and the business apps layer. With Azure, Microsoft is very well positioned in the cloud and compute layer and can grab a large chunk of this fast-growing market. Tying with players like Hitachi allows Microsoft to integrate with the business apps layer and perhaps also some devices. It is absolutely the right strategy and I would expect them to go for many more such alliances. With Microsoft’s strength in the enterprise market, IoT gives them a great opportunity to increase their share of cloud workloads with customers.”

Addressing the Challenges of IoT Adoption

Ecosystm research shows that the biggest challenges in IoT adoption are security and integration concerns (Figure 1).Key challenges of IoT Adoption

In 2018, when Microsoft started actively focusing on IoT, they also launched the Azure Certified for IoT program to maintain consistency and enhanced interoperability across their device partner ecosystem. This addresses the integration challenges that organisations face when deploying IoT. Microsoft continues to grow their IoT ecosystem, ensuring faster IoT deployments, with hardware and software that has been pre-tested and verified to work with Microsoft Azure IoT services. Last week also saw Cyient joining Microsoft Azure as a certified partner for IoT. Cyient IoT Edge Gateway 5400, their flagship IoT gateway product is now Microsoft Azure Certified for IoT. This is expected to accelerate IoT deployment for Cyient customers and enable a seamless integration of edge devices to the cloud.

Ghatak says, “To scale up their IoT business, Microsoft would need to develop a substantially large ecosystem, beyond few key players such as Hitachi, who dominate at the large enterprise segment of the market. That is where partnerships with smaller and niche industry solutions providers such as Cyient fits in. More niche providers such as Cyient will increase Microsoft’s reach into medium and smaller segments of the enterprise market.”

Addressing the Increasing Threat Landscape

Recent cyber-attack trends and security breach statistics reveal a huge increase in cybercrime activities, in the wake of the COVID-19 pandemic. As the number of IoT sensors, devices and gateways increase, so does the risk of security breaches. As shown in figure 1, cybersecurity concerns are real and can act as a barrier to IoT adoption, despite the benefits that the technology brings. Automated vulnerability management capabilities, that allow risk assessment and patch installation where necessary will see an increase in IoT adoption.

To complement Microsoft Azure IoT security, Microsoft acquired IoT security specialist CyberX, last month. The acquisition will enable greater security for the IoT devices connected to the Microsoft network and will help their customers to gain visibility through a map of devices thus allowing them to gather information on security risks associated with thousands of sensors and connected devices. This will enhance smart grid, smart manufacturing and digital assets and profiles and reduce vulnerabilities across production and supply chain.

Mukherjee says, “The key concern for the expansion of IoT into more and more use cases in the next few years is really going to be security. New areas like VR and AR are emerging from futuristic fantasy to real-world reality. These will tempt many enterprises – but security will be the key concern to address. And so, Microsoft’s simultaneous push on security completely aligns with this. As the Ecosystm MSSP VendorScope results show Microsoft’s strategy on cybersecurity seems to be working.”

Talking about Microsoft’s go-to-market strategy, Mukherjee adds, “Microsoft is obviously spreading its net far and wide for all cloud applications including IoT, to go-to-market with partners. One of the key focus area here is the SME segment, which is forecast to be one of the hot growing segments for IoT in the next few years. The more offerings from the business apps layer that Microsoft integrates, the more they enable their partners to sell to their customers.”


Ecosystm IoT Market Insights


1
Australia Preparing Workforce for IoT

5/5 (1)

5/5 (1)

The 5G rollouts in Australia by Telstra, Optus and Vodafone will impact consumers and enterprises alike. It is expected that enterprises will see an uptick in IoT adoption, leveraging the lower latency to connect devices for real-time data transfer and insights. Industries, especially those that operate in remote and rural regions of the country such as Agriculture and Mining are expected to benefit immensely.

“However, there are challenges to leveraging digitalisation effectively, including a lack of awareness, knowledge and skills, and funding to support innovation and scale, in aligning with the growing pressure within sectors to meet increasing productivity and compliance requirements,” says Ecosystm Principal Advisor, Jannat Maqbool. “Adoption of IoT specifically is resulting in new data supply chains, that those operating in many industries cannot cater for with respect to infrastructure and also the skills necessary to process and extract valuable insights from the data.”

Ecosystm research shows that only 37% of organisations looking to adopt IoT in Australia have a strategic internal team to create the roadmap and manage the deployment. This indicates a lack of skills that organisations can utilise, depending on external resources such as consulting firms and ISVs instead. To cater to the expected growth in Australia’s IoT market, IoT Alliance Australia (IoTAA) – that represents more than 500 participating organisations and 1,000 individual participants – has come forward with the IoT Australia Skills Barometer survey.

The survey created in association with La Trobe University aims to gauge the IoT skills gap, to inform educators and adopters on the potential areas of focus for future skills development. It covers questions on IoT adoption, challenges expected, solutions being evaluated, and courses needed.

Addressing the Skills Gap

As the adoption of IoT increases, there will be added requirement for skills in data storage, infrastructure management and creating frameworks. The survey is expected to help the industry determine the skills gap, isolate training and re-skilling requirements and develop courses and hands-on sessions to address the end-to-end services requirements and better utilisation of data gathered from the devices.

There are some courses that are already available – mostly run in collaboration with industry. Last year, Rio Tinto, the Western Australia Government and South Metropolitan TAFE developed Australia’s first nationally-recognised remote operations course. Earlier this year, RMIT partnered with IBM to deliver the IoT and 5G business opportunity courses to equip business professionals with the right technology and business skills for IoT projects.

“Awareness of the potential of emerging technologies needs to target both non-technical and technical members of the organisation. This wider buy-in is needed to drive thinking around the ‘why’ from stakeholders across the business, enabling a more informed decision around the potential impact on existing resources, infrastructure, processes, products, required investment and business outcomes,” says Maqbool. “Any education and training program needs to allow for this focus on awareness, then provide opportunities to build on this for those that then want to gain the deeper knowledge and technical skills required to effectively leverage the IoT.”

“Education and training programs to support the uptake of digital technologies across the wider population and traditionally non-digital industries require a contextual learning and a flexible delivery approach.”

Government and Industry working together

“A digital divide exists in many countries – especially for those in rural communities. They are often not in a position to access the infrastructure necessary to support a real-world connection in a contextual learning environment, let alone having the digital literacy and scaffolding to get to a point where they can effectively consider leveraging emerging technologies,” says Maqbool.

This is where governments play a larger role. To accelerate innovation and make better use of technology the Australian Government is supporting clear communication and a better understanding of IoT, implementing standards and regulations, upgrading digital infrastructure, creating opportunities for economic and social benefits and collaborating with research and education institutes to deliver skills, innovation and growth in the IoT sector.

One of the key areas of focus will have to be cybersecurity. Regulatory compliance and security & privacy issues are the key barriers of IoT adoption in Australia (Figure 1).

Challenges of IoT Adoption in Australia

Last year, the Australian government released a draft code of practice to enable businesses implementing IoT solutions to follow certain principles as a voluntary measure to defend against threats.

The Government is also seeing a larger potential for IoT in some industries. To support the Agriculture industry, the Australia Government has allocated USD 90 million to the Smart Farms program to support the development and uptake of best practices and technologies in farms, fisheries and forestry, with a special focus on regional communities. In its FY2019-20 federal budget, the Government announced plans to invest USD 1.4 million for a feasibility study and assess ways on improving digital on-farm connectivity. Similarly, Australia’s National Landcare Program (NLP) delivered by the Department of Agriculture, Water and the Environment (DAWE) is receiving financial support until June 2023.

1
WBA OpenRoaming™ Creates a Global Wi-Fi Network

5/5 (2)

5/5 (2)

The Wireless Broadband Alliance (WBA) was formed in 2003 to enable a seamless and interoperable Wi-Fi experience across the global wireless ecosystem. The key objective of the alliance was to bring together multiple stakeholders – such as telecom providers, technology vendors and enterprises – to work on areas such as industry guidelines, pilot projects, standards to promote end-to-end services and drive adoption in Wi-Fi, 5G, IoT and others.

WBA OpenRoaming™

Ecosystm Principal Advisor, Ashok Kumar says, “Wi-Fi has gained increasing popularity worldwide over the last two decades and has now become an essential network technology with ubiquitous service that it is utilitarian. However, it has been viewed as a collection of islands of heterogenous networks, requiring re-authentication each time a mobile user transits from one network and re-connects with another Wi-Fi network, with the associated hurdles of logging back in, making it cumbersome.”

“The lack of interoperability between Wi-Fi networks has been a drawback for service providers, compared to the ease of use associated with global mobile networks, such as 4G, LTE, 5G, and so on, which offer seamless roaming connectivity.”

The WBA OpenRoaming™ initiative was announced last month, to create a globally available Wi-Fi ecosystem that offers a federation of automatic and secure connections for billions of devices to millions of Wi-Fi networks. It provides a new global standards-led approach, removing public-guest Wi-Fi connectivity barriers and brings greater convenience and security to the wireless ecosystem. WBA OpenRoaming™ removes the need to search for Wi-Fi networks, to repeatedly enter or create login credentials, or to constantly reconnect or re-register to public Wi-Fi networks.

Several leading technology companies and telecom service providers have extended support to WBA OpenRoaming™ standards – Samsung, Google, Cisco, Intel, Aptilo, AT&T, Boingo Wireless, Broadcom, Comcast, Deutsche Telekom and Orange to name a few.

“Wi-Fi is arguably the most ground-breaking wireless technology of our time. From the first public Wi-Fi hotspots in the early 2000s which enabled radically increased productivity on the move, through to the role Wi-Fi has in today’s pandemic environment. With WBA OpenRoaming™ we want to revolutionise how individual users as well as businesses engage with Wi-Fi, removing the need to repeatedly log in, re-connect, share passwords or re-register for Wi-Fi networks as we travel locally, nationally or internationally”, said Tiago Rodrigues, CEO of the WBA, “Instead, no matter where we are, the new framework automates how users connect to Wi-Fi while seamlessly aligning to cellular network connectivity. It does so by bringing together a federation of trusted identity providers so that individual users are allowed to automatically join any network managed by a federation member.”

WBA OpenRoaming™ can simplify Wi-Fi, much like the cellular roaming experience. Kumar says, “ The WBA OpenRoaming™, with support from major global service providers, network solution vendors, and authentication & security firms, has the potential to address the issue of seamless interoperability in the Wi-Fi networks ecosystem with ease-of-use and security.”

WBA OpenRoaming™ Framework

The framework and standards are based on cloud federation, consisting of a global database of networks and identities, dynamic discovery and the Wireless Roaming Intermediary Exchange (WRIX); cybersecurity consisting of Public Key Infrastructure a RadSec providing the certificate policy, management and brokerage services; and network automation facilitated by an automated roaming consortium framework and policy and Wi-Fi CERTIFIED Passpoint®*.

How does Wireless Broadband Alliance OpenRoaming work?

The Impact of WBA OpenRoaming™

“Enterprises are expected to benefit enormously from the opportunity to create new commercial business models and innovative services with speed and simplicity,” says Kumar.

Maturing mobile technologies such as 5G and Wi-Fi 6 along with next generation wireless devices, could make OpenRoaming™ more seamless and extend its applications further.

Cisco in particular has been leading the charge with several pilots that showcase the benefits of OpenRoaming™. Earlier this year, it partnered with Oxbotica, an autonomous vehicle software provider, to demonstrate how OpenRoaming™ can unlock the potential of autonomous vehicle fleets, allowing a seamless and secure sharing of high-volume data while on the move.

Last year, Cisco also showcased the benefits of OpenRoaming™ in a pilot at the Mobile World Congress in Barcelona with Samsung as the identity provider. Attendees were connected to the network throughout the venue, with connectivity extended to even local train stations and the airport. This unified experience was possible despite the fact that at least three network providers were involved. Pilots such as these gives the industry a glimpse of what benefits lie ahead.

Kumar sees the impact being extended across industries. “The impact of WBA OpenRoaming™ will be in the introduction of innovative services for consumers and enterprise users in public Wi-Fi networks in industries such as Hospitality, Transportation (airport and rail), Retail outlets, Smart City solutions, and local community networks.”

 

Learn more about WBA OpenRoaming™, visit www.openroaming.org

*Wi-Fi CERTIFIED Passpoint® is a registered trademark of the Wi-Fi Alliance  

 

1
Technology Enabling Transformation in the Utilities Industry

5/5 (1)

5/5 (1)

In the midst of the current global crisis, the Utilities industry has had to continue to provide essential public services – through supply chain disruption, reduction of demand in the commercial sector, demand spikes in the consumer sector, change in peak profiles, remote staff management, cyber-attacks and so on. Robust business continuity planning and technology adoption are key to the continued success of Utilities companies. The Ecosystm Business Pulse Study which aims to find how organisations are adapting to the New Normal finds that 6 out of 10 Utilities companies are accelerating or refocusing the Digital Transformation initiatives after the COVID-19 outbreak, underpinning the industry’s need for technology adoption to remain competitive.

Drivers of Transformation in the Utilities Industry

The Evolving Energy Industry. As consumers become more energy-conscious, many are making changes in their usage pattern to stay off the grid as much as possible, potentially reducing the customer base of Utilities companies. This increases their reliance on renewable energy sources (such as solar panels and wind turbines) and batteries, forcing Power companies to diversify and leverage other energy sources such as biomass, hydropower, solar, wind, and geothermal. The challenge is further heightened by the fast depletion of fossil fuels – it is estimated that the world will have run out of fossil fuels in 60 years. The industry is also mandated by government regulations and cleaner energy pacts that focus on climate change and carbon emission – there are strict mandates around how Utilities companies produce, deliver and consume energy.

Business Continuity & Disaster Management. Perhaps no other industry is as vulnerable to natural disasters as Utilities. One of the reasons why the industry has been better prepared to handle the current crisis is because their usual business requires them to have a strong focus on business continuity through natural disasters. This includes having real-time resource management systems and processes to evaluate the requirement of resources, as well as a plan for resource-sharing. There is also the danger of cyber-attacks which has been compounded recently by employees who have access to critical systems such as production and grid networks, working from home. The industry needs to focus on a multi-layered security approach, securing connections, proactively detecting threats and anomalies, and having a clearly-defined incident response process.

The Need to Upgrade Infrastructure. This has been an ongoing challenge for the industry – deciding when to upgrade ageing infrastructure to make production more efficient and to reduce the burden of ongoing maintenance costs. The industry has been one of the early adopters of IoT in its Smart Grid and Smart Meter adoption. With the availability of technology and advanced engineering products, the industry also views upgrading the infrastructure as a means to mitigate some of its other challenges such as the need to provide better customer service and business continuity planning. For example, distributed energy generation systems using ‘micro grids’ have the potential to reduce the impact of storms and other natural disasters – they can also improve efficiency and quality of service because the distance electricity travels is reduced, reducing the loss of resources.

The Evolving Consumer Profile. As the market evolves and the number of Energy retailers increases, the industry has had to focus more on their consumers. Consumers have become more demanding in the service that they expect from their Utilities provider. They are increasingly focused on energy efficiency and reduction of energy consumption. They also expect more transparency in the service they get – be it in the bills they receive or the information they need on outages and disruptions. The industry has traditionally been focused on maintaining supply, but now there is a need to evaluate their consumer base, to evolve their offerings and even personalise them to suit consumer needs.

The global Ecosystm AI study reveals the top priorities for Utilities companies, that are focused on adopting emerging technologies (Figure 1). It is noticeably clear that the key areas of focus are cost optimisation (including automating production processes), infrastructure management and disaster management (including prevention).  Top Tech Priorities for Utilities Companies

Technology as an Enabler of Utilities Sector transformation

Utilities companies have been leveraging technology and adopting new business models for cost optimisation, employee management and improved customer experience. Here are some instances of how technology is transforming the industry:

Interconnected Systems and Operations using IoT

Utilities providers have realised that an intelligent, interconnected system can deliver both efficiency and customer-centricity. As mentioned earlier, the industry has been one of the early adopters of IoT both for better distribution management (Smart Grids) and for consumer services (Smart Meters). This has also given the organisations access to enormous data on consumer and usage patterns that can be used to make resource allocation more efficient.

For instance, the US Government’s Smart Grid Investment Grant (SGIG) program aims to modernise legacy systems through the installation of advanced meters supporting two-way communication, identification of demand through smart appliances and equipment in homes and factories, and exchange of energy usage information through smart communication systems.

IoT is also being used for predictive maintenance and in enhancing employee safety. Smart sensors can monitor parameters such as vibrations, temperature and moisture, and detect abnormal behaviours in equipment – helping field workers to make maintenance decisions in real-time, enhancing their safety.

GIS is being used to get spatial data and map project distribution plans for water, sewage, and electricity. For instance, India’s Restructured Accelerated Power Development & Reforms Program (R-APDRP) government project involves mapping of project areas through GIS for identification of energy distribution assets including transformers and feeders with actual locations of high tension and low tension wires to provide data and maintain energy distribution over a geographical region. R-APDRP is also focused on reducing power loss.

Transparency and Efficiency using Blockchain

Blockchain-based systems are helping the Utilities industry in centralising consumer data, enabling information sharing across key departments and offering more transparent services to consumers.

Energy and Utilities companies are also using the technology to redistribute power from a central location and form smart contracts on Blockchain for decisions and data storage. This is opening opportunities for the industry to trade on energy, and create contracts based on their demand and supply. US-based Brooklyn Microgrid, for example, is a local energy marketplace in New York City based on Blockchain for solar panel owners to trade excess energy generated to commercial and domestic consumers. In an initiative launched by Singapore’s leading Power company, SP Group, companies can purchase Renewable Energy Certificates (RECs) through a Blockchain-powered trading platform, from renewable producers in a transparent, centralised and inexpensive way.

Blockchain is also being used to give consumers the transparency they demand. Spanish renewable energy firm Acciona Energía allows its consumers to track the origin of electricity from its wind and solar farms in real-time providing full transparency to certify renewable energy origin.

Intelligence in Products and Services using AI

Utilities companies are using AI & Automation to both transform customer experience and automate backend processes. Smart Meters, in itself, generate a lot of data which can be used for intelligence based on demographics, usage patterns, demand and supply. This is used for load forecasting and balancing supply and demand for yield optimisation. It is also being leveraged for targeted marketing including personalised messages on Smart Energy usage.

Researchers in Germany have developed a machine learning program called EWeLiNE which is helping grid operators with a program that can calculate renewable energy generation over 48 hours from the data taken from solar panels and wind turbines, through an early warning system.

Niche providers of Smart Energy products have been working with providing energy intelligence to consumers. UK start-up Verv, as an example, uses an AI-based assistant to guide consumers on energy management by tracing the energy usage data from appliances through meters and assisting in reducing costs. Increasingly, Utilities companies will partner with such niche providers to offer similar services to their customers.

Utilities companies have started using chatbots and conversational AI to improve customer experience. For instance, Exelon in the US is using a chatbot to answer common customer queries on power outages and billing.

 

While the predominant technology focus of Utilities companies is still on cost optimisation,  infrastructure management and disaster management, the industry is fast realising the power of having an interconnected system that can transform the entire value chain.

 


For more insights from our AI Research, click below
AI Research and Reports


1
Schneider Electric Partners with Australia’s Leading Edge Data Centres

5/5 (2)

5/5 (2)

Australia’s data centre market has grown exponentially, to a large part due to the Government’s strong policies around cloud adoption. This is in line with the vision of creating a Digital Economy by 2025. Australia’s Tech Future talks about technological changes in 4 key areas including building infrastructure and providing secure access to high-quality data. Availability of local data centres is key to building better infrastructure to support the Digital Economy.

Cloud adoption, especially in the small and medium enterprise (SME) sector is expected to continue to rise. The Ecosystm Business Pulse Study shows that only 16% of Australian organisations had not increased their cloud investments after the COVID-19 crisis and its impact on the economy.

Ecosystm Principal Advisor, Tim Sheedy says, “The current pandemic has highlighted the digital ‘haves and have nots’ in Australia. The NBN has helped to narrow the gap, but too many in rural and regional Australia continue to suffer the tyranny of distance. Businesses and government departments have been reluctant to relocate outside of the major cities due to the lack of internet and data centre infrastructure. Investing in data centres in rural and regional locations will not only help to close the digital divide but also remove a significant barrier that stops businesses from investing in and relocating to locations out of cities.”

Growing Australia’s Data Centre Footprint

This week, Australia’s Leading Edge Data Centres and Schneider Electric announced a AU$30 million project where Schneider Electric will provide Tier-3-designed prefabricated data centre modules for Leading Edge’s six locations in Australia. Each site will host 75 racks with 5kW power density to support computing operations and minimise data exchange delays. Ecosystm Principal Advisor, Darian Bird says, “The inaccessible nature of some sites makes them suitable for prefabricated data centres, which are plug-and-play containers that can be set up and maintained by a relatively small IT team. Standardisation in edge data centres and automation are key to remote management for anyone deploying distributed infrastructure.”

This announcement follows the news that Leading Edge has secured an investment of AU$20 million from Washington H. Soul Pattinson to construct 20 Tier-3 data centres across Australia. They have also received funding from the SparkLabs Cultiv8 2020 accelerator group. The funding will be used to build more than 20 Tier 3 data centres across regional Australia to provide faster internet speeds and direct cloud connectivity.

This will impact businesses that host mission-critical applications, and stricter uptime requirements, and is expected to benefit IoT, AgriTech and telecom industry applications.

Impact on Industry

Edge connectivity will create a seamless experience for the users to take advantage of faster computing with a local host, lower latency by taking connectivity to where operations reside, and data sovereignty by keeping data within the region, aiding in the development of Australia’s Digital Economy.

Sheedy sees this as an opportunity for primary industries. “One of the real challenges for farms and other agribusinesses investing in IoT and other tech-based solutions has been the lack of local or nearby computing infrastructure that will support applications that require low latency. Leading Edge’s investments in providing data centres in rural and regional Australia will mean these businesses can accelerate their digital transformations.”

With the simultaneous rollout of 5G, Smart City initiatives will also benefit from edge data centres. “Investment in edge infrastructure is likely to take off and follow the 5G coverage map across Australia. We will see operators take advantage of their vast network footprint and combine micro data centres with some 5G antenna locations,” says Bird. “Smart City initiatives will be made possible by 5G connected IoT devices but computing at the edge will be needed to keep, for example, public safety systems, operating in real-time. Many monitoring systems will require local data analysis to be effective.”

Bird also sees potential impacts on the Entertainment industry. “The COVID-19 restrictions and the launch of new services such as Disney+ and Binge in Australia will ensure streaming video continues its impressive growth trajectory. Even facilities such as sports stadiums are beginning to deliver in-person digital experiences to grab back attention from their online competitors. Positive user experience is crucial here and low latency is a must. We’ll see a shift towards edge computing delivered on-site as part of a distributed network. Regional data centres and local caching have always been vital for content delivery to ensure the quality of service and reduce bandwidth costs but the scale is unprecedented.”

Bird talks about potential retail opportunities in the future. “We may see anchor tenants at malls offering their excess capacity to smaller, nearby stores that need the benefits of edge but can’t justify the investment, similar to the way Amazon launched AWS.”

 

 

1
PropTech: Driving Digital Transformation in the Wake of COVID-19

5/5 (2)

5/5 (2)

COVID-19 is accelerating digital transformation activities across industries. Remote working is now standard practice and digital engagement is replacing face-to-face interaction. Cloud technology has become essential rather than an option, and rollouts of new technologies such as augmented reality (AR) and intelligent automation are being expedited.

One of the industries that offer great potential for technology-driven transformation is the property sector.

Many activities within the property ecosystem have remained unchanged for decades. There are several opportunities for digital engagement and automation in this sector, ranging from the use of robots in construction to the ‘uberisation’ of the residential property customer journey.

The processes associated with buying or renting property remain cumbersome and complex for customers. Indeed, customers engage with many different organisations throughout their residential property lifecycles. When compared to some other industries, the customer experience can be poor. Components of the journey – such as property search – offer some great experiences but other parts such as exchanging contracts can rarely be described as positive customer experiences.

Although AR and virtual reality (VR) technologies can facilitate property inspection, most inspections are still undertaken on-premise, together with a real estate agent. Contract exchanges often involve interactions with legal professionals in-person. Securing a mortgage or a rental agreement also typically requires face-to-face interaction. Deposits commonly necessitate the physical presentation of a cheque.

The Uberisation of the Property Sector

So, in the residential sector, there are clear opportunities for start-ups and property search platforms to offer greatly enhanced customer experiences. The COVID-19 crisis will speed up the rate at which digital technologies are used to automate activities throughout the residential property customer journey and to engage customers digitally.

Property search platforms such as Singapore-based PropertyGuru, have been creating innovative ways of engaging customers and extending their range of services, for many years. For PropertyGuru, its news features, mortgage calculator, and ability to search for investment properties overseas, have enabled it to offer customers more value from its platform. Its PropertyGuru Lens feature uses AR and artificial intelligence (AI) to give customers a more immersive and improved experience. In common with other real estate platforms, it offers AR and VR tools for inspections.

Today’s crisis creates opportunities for platforms such as ProperyGuru to engage customers throughout their journey. It can potentially transform the residential property business, by becoming an Uber-style platform for agents, movers, shippers, storage companies, interior designers, renovation firms and all other stakeholders within the residential property ecosystem. Subject to regulation, it could also act as a mortgage broker and an agency for the exchange of contracts. In other words, it could ‘own’ the customer journey and act as a platform for all services associated with residential property. From the customer perspective, such a platform would be a welcome way of enhancing the experience associated with buying, renting, maintaining, improving, managing, and selling residential property.

IoT and the Commercial Property Sector

From a commercial property perspective, the COVID-19 crisis can also be expected to accelerate the digitalisation of many activities associated with the construction, maintenance, and management of buildings.

According to the findings of the Ecosystm IoT Study, the Construction industry is evaluating several technology solutions that are expected to benefit the industry (Figure 1).High Traction IoT Solutions - Construction Industry

While the industry views these solutions as beneficial, the adoption has so far been low. This will change. Drones have been used to inspect the outside of tall buildings for several years, but this is not yet standard practice. Structural inspections and maintenance of buildings will be automated at a much faster rate post COVID-19. IoT technology will be used for building management. Using IoT technology for the predictive maintenance and management of lighting, climate control, elevators, security, windows and doors will become standard as firms seek to reduce human interactions. Technology that measures footfall, manages safe distancing, takes peoples’ temperatures and identifies those who enter and leave buildings will be introduced, as organisations guard against disease clusters developing within or around their premises.

In essence, the COVID-19 crisis will act as a catalyst for the digital transformation of the property sector. There is a huge opportunity to create new business models not least by offering customers a digital platform on which all of their property-related needs can be addressed. For the commercial property sector, a similar platform can be offered. Additionally, many core activities ranging from construction to building management will be automated, fully leveraging robot, AI and IoT technologies.


Milroy was recently part of a conversation with Hari V Krishnan, Group CEO of ProperyGuru Group and Ecosystm CEO, Amit Gupta. Watch the video here ?
Get your Free Copy

2
5G: A Catalyst for Security Threats

5/5 (2)

5/5 (2)

The opportunities that can be created by 5G continue to excite businesses and consumers alike. As 5G rollouts gather pace, new consumer experiences and business models emerge. For consumers, enhanced mobile broadband offers superior experience, driving the consumption of much more data-rich content and the more widespread application of emerging technologies such as augmented reality (AR). For businesses, the low latency, higher bandwidth, and the ability to handle massive machine type communications promised by 5G create opportunities for a dizzying array of uses cases, usually linked to IoT technology.

As enterprise use cases like autonomous driving, remote surgery and software-defined factories are enabled by 5G, the impact of cybersecurity breaches becomes much greater. Breaches can potentially have a catastrophic impact – they could lead to serious damage to or the destruction of sensitive critical infrastructures, such as power stations and transportation systems.

Security vulnerabilities associated with 5G are underpinned by a change in network architecture. The latency benefits of 5G require a more distributed architecture to enable use cases which require real-time data processing. This leads to the virtualisation of higher-level network functions formerly performed by physical appliances. So 5G networks will necessarily create a greatly expanded attack surface. If an attacker gains control of the software managing the networks, they can also control the network and potentially cause chaos.

One of the major benefits of 5G is massively increased bandwidth. This is also a huge benefit for attackers. An increase in available bandwidth makes it much easier to generate attack traffic from compromised connected devices and vulnerable networks. As volumetric DDoS attacks grow in terms of frequency, magnitude, and sophistication, traditional defences such as out-of-band scrubbing centres and manual interventions become inadequate and expensive.

In a 5G World, Security Postures must be Agile and not Act as a Bottleneck to Performance

5G use cases require a radical shift in cybersecurity posture and a new set of security considerations. Networks managed by enterprises and service providers need to scale up to handle larger capacity requirements and scale out to accommodate the increased demands of edge computing and the growing volumes of IoT endpoints. Security infrastructure must change accordingly with upgrades to both physical and virtual components. Importantly, security postures must also be sufficiently agile to change with new requirements while ensuring that security does not act as a bottleneck to network performance.

A common response to the increasing complexity of distributed cloud and IoT environments – where existing tools cannot always detect new and emerging threats – is to deploy brand new security tools. This seems like a great solution but can lead to significant problems and compromise security. Over time, the deployment of multiple security tools creates an estate of siloed security products, sometimes reporting to their own dashboards. Although this management challenge is typically being addressed by service providers and large enterprises, most commonly with SIEM, they must continually ensure that there is provision for the centralisation of security alerts, so that cybersecurity staff do not face the challenge of monitoring multiple consoles and cross-referencing between disparate screens and information formats. Applying security policy changes is a laborious and time-consuming task in a multi-dashboard environment – representing a security threat in its own right.

In the case of large volumetric attacks, redirecting suspicious traffic to scrubbing centres adds latency and imposes a significant financial burden, since mitigation costs are directly tied to the volume of the data traffic. Large enterprises and service providers should consider adopting new DDoS protection approaches that incorporate AI, real-time analysis, and telemetry to automate a more intelligent and cost-effective detection and mitigation process.

Different Policies Required to Reflect Specific Needs of Each Use Case

5G allows mobile service providers to partition their network resources, to address a diverse set of use cases with differing performance and functional requirements. These varying service performance profiles have a direct impact on security protocol choices and policy implementation. For instance, the service in one use case, such as a Smart City application, may require extremely long device battery life, which constrains the security protocol in some other way (e.g., how often re-authentication is performed). In another example, the use case may be very privacy-sensitive, requiring unusually intensive security procedures (e.g., very frequent reallocation of temporary identities).

The complexity associated with securing highly distributed and virtualised networks powered by 5G, will grow enormously and be hampered by an ever-increasing skills shortage. The only way to address these challenges is to create an intelligent security infrastructure that is sufficiently agile to scale with the network and use AI to detect, contain and eliminate threats. Security managers will need a unified view of all assets – physical and virtual – so that multiple security policies can be enforced and managed.

2