SlideShare a Scribd company logo

Tigerspike - Cybersecurity and Mobility in the Energy Industry

ā€¢
ā€¢
Christian Glover Wilson
Christian Glover Wilson

An overview of the cyber security considerations of enterprise mobility and how to address them.

TechnologyBusiness
1 of 32
Download to read offline
Cybersecurity and mobility in the Energy Industry Advanced Energy 2013 1 May 2013 Christian Glover Wilson" Vice President, Technology & Strategy" Tigerspike
Cybersecurity and mobility in the Energy Industry Abstract Enterprise mobility has progressed from email on a BlackBerry to a vast proliferation of personal media devices in the hands of employees, engineers and the end consumers. Mobility is key to how remote teams now collaborate and access ļ¬les and data with the advent of cloud computing accelerating that further. The distributed nature of energy production and distribution make this even more pronounced for the energy industry. This new ecosystem has led to a variety of new cybersecurity threats that need to be understood and prevented. The widespread adoption of smart devices and the rise of the Internet of Things need to be secured with a combination of best practice and technology ā€“ protecting but not limiting the continuous push towards anywhere and any device productivity.
Rise of Mobility Understanding the Threats Addressing the Problem Cybersecurity and mobility in the Energy Industry Contents
Cybersecurity and mobility in the Energy Industry Rise of Mobility
Proliferation of Personal Technology Devices Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ As of late 2010, smartphone sales started surpassing those of traditional computers. ā€¢ā€Æ ā€œBy 2015 shipments of tablets will outstrip those of conventional PCs such as desktops and notebooksā€-Gartner Source: Gartner, April 2013
Proliferation of Personal Technology Devices Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Tablets will overtake desktop and notebook shipments combined, while 'ultra-mobiles' will grow ā€¢ā€Æ Shift in device preference is coming from a shift in user behavior ā€¢ā€Æ Leads to a bigger embrace of the cloud for sharing and for access to content Source: Gartner, April 2013
Enterprise Mobility Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Rapidly growing adoption of BYOD ā€¢ā€Æ Easy to push real-time alerts and crucial messages to users, based on location ā€¢ā€Æ Can capture vital analytics about usage and devices used ā€¢ā€Æ Enterprise apps can provide ofļ¬‚ine access to keep using the app and entering data, with an automatic sync once the device comes back into range
Enterprise Mobility Cybersecurity and mobility in the Energy Industry Mobile devices empower employees to do what they need to do ā€” whenever and wherever; enterprise mobility is not telecommuting. A rapidly maturing ecosystem of mobile app tools, technologies and platforms.
Internet of Things Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Growing network of IP-enabled components and appliances ā€¢ā€Æ Meters and devices reporting their usage allowing reactive modeling ā€¢ā€Æ Locks and control devices controlled over the Internet ā€¢ā€Æ Connected installations managed remotely
Internet of Things Cybersecurity and mobility in the Energy Industry Supply/Demand Ā  Alterna1ve Ā  Oil/Gas Ā  Loca%ons Ā  Power Ā Genera%on, Ā  Transmission Ā and Ā Distribu%on Ā  Low Ā Voltage Ā  Power Ā Quality Ā  Energy Ā Management Ā  Solar Ā  Wind Ā  Co-Ā­ā€genera%on Ā  Electrochemical Ā  Rigs Ā  Derricks Ā  Well Ā Heads Ā  Pumps Ā  Ā  Pipelines Ā  Devices Ā  Turbines, Ā Windmills, Ā UPS, Ā BaJeries, Ā Generators, Ā Meters, Ā Drills, Ā Fuel Ā Cells, Ā etc. Ā  Every industry has an individual set of uniquely identiļ¬ed ā€œthingsā€ generating data and able to controlled remotely. For example:
The mobile world changes with every new device and set of devices. Smartphones and tablets are being joined in the marketplace by new consumer devices. Wearable and augmented reality products will fast become widespread. New Devices Cybersecurity and mobility in the Energy Industry
Mobile device uses Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Voice ā€¢ā€Æ Video ā€¢ā€Æ Data ā€¢ā€Æ Control ā€¢ā€Æ NFC Interaction (RFID, Bluetooth, etc) ā€¢ā€Æ Thin client for cloud-stored data ā€¢ā€Æ BigData aggregation visualization
Cybersecurity and mobility in the Energy Industry Understanding the Threats
The Device Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Vulnerable to malware, malicious apps posing as benign apps ā€¢ā€Æ Legitimate apps can allow data loss and data leakage if poorly- written ā€¢ā€Æ Vulnerabilities in Hardware, OS, Application and Third-Party Applications ā€¢ā€Æ Unsecured or Rogue Marketplaces
The Device Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Malware and attacks on mobile devices are on the rise ā€¢ā€Æ Vulnerabilities found almost as soon as a device hits the market
Accidental breaches and device loss Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ 68% of employees reported that they did not have their devices cleaned when upgrading ā€¢ā€Æ Access and data breaches are the most common results of lost phones... not recovery ā€¢ā€Æ Social engineering tactics lead users to click malicious URLs spammed by trusted sources via SMS, social media and email.
BYOD ā€“ Statistics around usage Cybersecurity and mobility in the Energy Industry 0% Ā  10% Ā  20% Ā  30% Ā  40% Ā  50% Ā  60% Ā  70% Ā  80% Ā  90% Ā  ...user a personal electronic device for work-related functions ...who use a laptop for work will connect to the company's network via a free or public WiFi connection ...who use a personal device for work have let someone else use it ...who use personal device(s) for work have not activated the auto-lock feature ...who use their personal device for work admit that their organization's data and/or ļ¬les are not encrypted ...who use a personal device for work say their organization has not implemented a "bring-your-own-device" policy ...of employees U.S. adults have been a victim of malware or hacking on a personal electronic device 81% 31% 46% 37% 33% 66% 25%
Encryption of DAR and signal Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Given sufļ¬cient time, a brute force attack is capable of cracking any known serial encryption algorithm. ā€¢ā€Æ To crack AES with 128-bit key would take 1 billion billion years for a supercomputer of today. ā€¢ā€Æ Using quantum technology with the same throughput, exhausting the possibilities of a 128-bit AES key would take about six months ā€¢ā€Æ Encryption only ever as secure as the implementation
Connectivity weakness Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Unsecured WiFi and rogue access points add vulnerability ā€¢ā€Æ NFC/RFID has a low threat of breach but can allow mimicry ā€¢ā€Æ Bluetooth defects allow " eavesdropping and caller " identiļ¬cation
Mobility introduces all these threats Cybersecurity and mobility in the Energy Industry
Internet of Things Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Increases exponentially the quantity of systems that will have to be protected ā€¢ā€Æ Route of data to the provider is obvious weakness ā€¢ā€Æ Multiple points of failure ā€¢ā€Æ DDoS attacks on individual appliances ā€¢ā€Æ Introduce vulnerability to associated ļ¬nancial records
Wearable Cybersecurity and mobility in the Energy Industry New devices means new threats and fresh cyber security considerations
Cybersecurity and mobility in the Energy Industry Wearable
Cybersecurity and mobility in the Energy Industry Addressing the Problem
Cybersecurity and mobility in the Energy Industry Securing the Device
Securing the Device Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ MDM Notiļ¬cation, access control, quarantine, selective wipe ā€¢ā€Æ MAM Authentication, storage control, copy/paste limitation ā€¢ā€Æ Data and apps ā€¢ā€Æ Event monitoring ā€¢ā€Æ Keep OS updated
People are demanding to use their own gadgets in their jobs. Trying to thwart them is futile The Economist 92% of Fortune 500 companies are testing or deploying the iPad Tim Cook, CEO Apple When young employees ļ¬rst come across business-application screens, they scream in horror Willem Eelman, CIO Unilever Enterprise Mobility Cybersecurity and mobility in the Energy Industry
Enterprise Mobility Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ BYOD vs COPE (Corporate owned, personally enabled) ā€¢ā€Æ Clear policy required ā€¢ā€Æ Control non-work device use
Encryption ā€¢ā€Æ Invest in parallel solutions, be prepared for Quantum Computing ā€¢ā€Æ Encrypt data stored to cloud storage ā€¢ā€Æ Encrypt any sensitive data stored on the device as well as while being transmitted ā€¢ā€Æ Pay attention to key exchange ā€¢ā€Æ Harden networks Cybersecurity and mobility in the Energy Industry
Internet of Things Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Assume each device or appliance is the weakest part of the system ā€¢ā€Æ Protect data captured even if it caches on the device or local network ā€¢ā€Æ Consider remote control locks as insecure as those operated locally ā€¢ā€Æ Have lock passwords change" frequently and on demand to" allow temporary access
Securing mobile devices Cybersecurity and mobility in the Energy Industry
Christian Glover Wilsonā€Ø Vice President, Technology & Strategy" christian.gloverwilson@tigerspike.com +1 917 310 5249 " San Francisco 875 Howard Street" 6th Floor" San Francisco, CA 94103" +1 415 562 4001" sanfrancisco@tigerspike.com New York 133 W 19th St" 7th Floor" New York, NY 10011" +1 646 330 4636" newyork@tigerspike.com Contact me San Francisco New York London Dubai Singapore Sydney Melbourne

Recommended

Security and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT EnvironmentSecurity and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT Environment
Dr. Amarjeet Singh
Ā 
Tips on designing for the Internet of Things
Tips on designing for the Internet of ThingsTips on designing for the Internet of Things
Tips on designing for the Internet of Things
Design World
Ā 
IoT_Structure
IoT_StructureIoT_Structure
IoT_Structure
Brandon Walston
Ā 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
Anastasios Economides
Ā 
Internet of Things
Internet of ThingsInternet of Things
Internet of Things
Ryan Smith
Ā 
IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019
John D. Johnson
Ā 
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalInternet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Anastasios Economides
Ā 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.
Dr. Michael Agbaje
Ā 

Recommended

Security and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT EnvironmentSecurity and Privacy Issues in IoT Environment
Security and Privacy Issues in IoT Environment
Dr. Amarjeet Singh
Ā 
Tips on designing for the Internet of Things
Tips on designing for the Internet of ThingsTips on designing for the Internet of Things
Tips on designing for the Internet of Things
Design World
Ā 
IoT_Structure
IoT_StructureIoT_Structure
IoT_Structure
Brandon Walston
Ā 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
Anastasios Economides
Ā 
Internet of Things
Internet of ThingsInternet of Things
Internet of Things
Ryan Smith
Ā 
IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019
John D. Johnson
Ā 
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_finalInternet of things_by_economides_keynote_speech_at_ccit2014_final
Internet of things_by_economides_keynote_speech_at_ccit2014_final
Anastasios Economides
Ā 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.
Dr. Michael Agbaje
Ā 
All The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected DevicesAll The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected Devices
John D. Johnson
Ā 
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Adam Thierer
Ā 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
Clearnetwork
Ā 
Achieving Secure BYOD in Government Agencies
Achieving Secure BYOD in Government AgenciesAchieving Secure BYOD in Government Agencies
Achieving Secure BYOD in Government Agencies
Proofpoint
Ā 
IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015
Hildebrand Technology
Ā 
Chapter-2.docx
Chapter-2.docxChapter-2.docx
Chapter-2.docx
Amir Khan
Ā 
Internet of Things(IOT)
Internet of Things(IOT)Internet of Things(IOT)
Internet of Things(IOT)
University of Potsdam
Ā 
Internet of Things and Security challenges
Internet of Things and Security challengesInternet of Things and Security challenges
Internet of Things and Security challenges
Anastasios Economides
Ā 
Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4
Somasundaram Jambunathan
Ā 
IoT Agent Design Principles
IoT Agent Design PrinciplesIoT Agent Design Principles
IoT Agent Design Principles
ardexateam
Ā 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
Ā 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
SecPod Technologies
Ā 
M2M_IoT_Presentation
M2M_IoT_PresentationM2M_IoT_Presentation
M2M_IoT_Presentation
Ravinderen Nair
Ā 
Securing Internet of Things
Securing Internet of ThingsSecuring Internet of Things
Securing Internet of Things
Rishabh Sharma
Ā 
Blueprint for the Industrial Internet of Things
Blueprint for the Industrial Internet of ThingsBlueprint for the Industrial Internet of Things
Blueprint for the Industrial Internet of Things
Real-Time Innovations (RTI)
Ā 
Practical IoT Security in the Enterprise
Practical IoT Security in the EnterprisePractical IoT Security in the Enterprise
Practical IoT Security in the Enterprise
Daniel Miessler
Ā 
How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks
Abaram Network Solutions
Ā 
SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities
SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities
SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities
Tauseef Naquishbandi
Ā 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
Ravindra Dastikop
Ā 
The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.
The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.
The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.
Spiceworks Ziff Davis
Ā 
IAM for mobile and BYOD
IAM for mobile and BYODIAM for mobile and BYOD
IAM for mobile and BYOD
Michel de Goede
Ā 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
IndSightsResearchSG
Ā 

More Related Content

What's hot

All The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected DevicesAll The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected Devices
John D. Johnson
Ā 
Internet of Things and Security challenges
Internet of Things and Security challengesInternet of Things and Security challenges
Internet of Things and Security challenges
Anastasios Economides
Ā 
Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4
Somasundaram Jambunathan
Ā 
M2M_IoT_Presentation
M2M_IoT_PresentationM2M_IoT_Presentation
M2M_IoT_Presentation
Ravinderen Nair
Ā 

What's hot (20)

All The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected DevicesAll The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected Devices
Ā 
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Ā 
Cybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by ClearnetworkCybersecurity: A Manufacturers Guide by Clearnetwork
Cybersecurity: A Manufacturers Guide by Clearnetwork
Ā 
Achieving Secure BYOD in Government Agencies
Achieving Secure BYOD in Government AgenciesAchieving Secure BYOD in Government Agencies
Achieving Secure BYOD in Government Agencies
Ā 
IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015IoT: Security & Privacy at IGNITE 2015
IoT: Security & Privacy at IGNITE 2015
Ā 
Chapter-2.docx
Chapter-2.docxChapter-2.docx
Chapter-2.docx
Ā 
Internet of Things(IOT)
Internet of Things(IOT)Internet of Things(IOT)
Internet of Things(IOT)
Ā 
Internet of Things and Security challenges
Internet of Things and Security challengesInternet of Things and Security challenges
Internet of Things and Security challenges
Ā 
Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4Addressing security and privacy in io t ecosystem v0.4
Addressing security and privacy in io t ecosystem v0.4
Ā 
IoT Agent Design Principles
IoT Agent Design PrinciplesIoT Agent Design Principles
IoT Agent Design Principles
Ā 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Ā 
Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)Hacking Internet of Things (IoT)
Hacking Internet of Things (IoT)
Ā 
M2M_IoT_Presentation
M2M_IoT_PresentationM2M_IoT_Presentation
M2M_IoT_Presentation
Ā 
Securing Internet of Things
Securing Internet of ThingsSecuring Internet of Things
Securing Internet of Things
Ā 
Blueprint for the Industrial Internet of Things
Blueprint for the Industrial Internet of ThingsBlueprint for the Industrial Internet of Things
Blueprint for the Industrial Internet of Things
Ā 
Practical IoT Security in the Enterprise
Practical IoT Security in the EnterprisePractical IoT Security in the Enterprise
Practical IoT Security in the Enterprise
Ā 
How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks
Ā 
SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities
SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities
SMART HEALTH AND Internet of Things (IoT) - RESEARCH Opportunities
Ā 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
Ā 
The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.
The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.
The Devices are Coming! How the ā€œInternet of Thingsā€ will affect IT.
Ā 

Similar to Tigerspike - Cybersecurity and Mobility in the Energy Industry

Fog computing
Fog computingFog computing
Fog computing
Ankit_ap
Ā 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
CompTIA UK
Ā 
Assign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxAssign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptx
pdevang
Ā 
02 ibm security for smart grids
02 ibm security for smart grids02 ibm security for smart grids
02 ibm security for smart grids
IBM Italia Web Team
Ā 

Similar to Tigerspike - Cybersecurity and Mobility in the Energy Industry (20)

IAM for mobile and BYOD
IAM for mobile and BYODIAM for mobile and BYOD
IAM for mobile and BYOD
Ā 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
Ā 
Fog computing
Fog computingFog computing
Fog computing
Ā 
Presentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdfPresentation about IoT in media and communication.pdf
Presentation about IoT in media and communication.pdf
Ā 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
Ā 
Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
Ā 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
Ā 
Power Plants Security Webinar Presentation
Power Plants Security Webinar PresentationPower Plants Security Webinar Presentation
Power Plants Security Webinar Presentation
Ā 
Speaking at John Carrol University on the Internet of Things
Speaking at John Carrol University on the Internet of ThingsSpeaking at John Carrol University on the Internet of Things
Speaking at John Carrol University on the Internet of Things
Ā 
Authentication And Authorization Issues In Mobile Cloud Computing A Case Study
Authentication And Authorization Issues In Mobile Cloud Computing A Case StudyAuthentication And Authorization Issues In Mobile Cloud Computing A Case Study
Authentication And Authorization Issues In Mobile Cloud Computing A Case Study
Ā 
Assign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxAssign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptx
Ā 
Getting More Value Out of Your Data
Getting More Value Out of Your DataGetting More Value Out of Your Data
Getting More Value Out of Your Data
Ā 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
Ā 
The Benefits of Digitizing Manufacturing
The Benefits of Digitizing ManufacturingThe Benefits of Digitizing Manufacturing
The Benefits of Digitizing Manufacturing
Ā 
Presentation 10 (1).pdf
Presentation 10 (1).pdfPresentation 10 (1).pdf
Presentation 10 (1).pdf
Ā 
Internet of Things (IoT
Internet of Things (IoTInternet of Things (IoT
Internet of Things (IoT
Ā 
Information Security, Cybercrime and technology futures allowing you to get a...
Information Security, Cybercrime and technology futures allowing you to get a...Information Security, Cybercrime and technology futures allowing you to get a...
Information Security, Cybercrime and technology futures allowing you to get a...
Ā 
CHA_001_IOT.pptx
CHA_001_IOT.pptxCHA_001_IOT.pptx
CHA_001_IOT.pptx
Ā 
02 ibm security for smart grids
02 ibm security for smart grids02 ibm security for smart grids
02 ibm security for smart grids
Ā 
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
ISSA-UK - Securing the Internet of Things - CIO Seminar 13 May 2014
Ā 

More from Christian Glover Wilson

More from Christian Glover Wilson (8)

2016 Trends in Mobility
2016 Trends in Mobility2016 Trends in Mobility
2016 Trends in Mobility
Ā 
Frictionless + on demand
Frictionless + on demandFrictionless + on demand
Frictionless + on demand
Ā 
iOS7
iOS7iOS7
iOS7
Ā 
Responsive web design
Responsive web designResponsive web design
Responsive web design
Ā 
iBeacon introduction and overview
iBeacon introduction and overviewiBeacon introduction and overview
iBeacon introduction and overview
Ā 
Responsive web design and eCommerce
Responsive web design and eCommerceResponsive web design and eCommerce
Responsive web design and eCommerce
Ā 
Rapid prototyping and sketching
Rapid prototyping and sketchingRapid prototyping and sketching
Rapid prototyping and sketching
Ā 
Push to Engage
Push to EngagePush to Engage
Push to Engage
Ā 

Recently uploaded

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(ā˜Žļø+971_581248768%)**%*]'#abortion pills for sale in dubai@
Ā 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Ā 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Ā 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Ā 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
Ā 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
Ā 

Recently uploaded (20)

Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Ā 
Navi Mumbai Call Girls šŸ„° 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls šŸ„° 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls šŸ„° 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls šŸ„° 8617370543 Service Offer VIP Hot Model
Ā 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Ā 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Ā 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Ā 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
Ā 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Ā 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Ā 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Ā 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Ā 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Ā 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Ā 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
Ā 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Ā 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
Ā 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Ā 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Ā 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Ā 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
Ā 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Ā 

Tigerspike - Cybersecurity and Mobility in the Energy Industry

  • 1. Cybersecurity and mobility in the Energy Industry Advanced Energy 2013 1 May 2013 Christian Glover Wilson" Vice President, Technology & Strategy" Tigerspike
  • 2. Cybersecurity and mobility in the Energy Industry Abstract Enterprise mobility has progressed from email on a BlackBerry to a vast proliferation of personal media devices in the hands of employees, engineers and the end consumers. Mobility is key to how remote teams now collaborate and access ļ¬les and data with the advent of cloud computing accelerating that further. The distributed nature of energy production and distribution make this even more pronounced for the energy industry. This new ecosystem has led to a variety of new cybersecurity threats that need to be understood and prevented. The widespread adoption of smart devices and the rise of the Internet of Things need to be secured with a combination of best practice and technology ā€“ protecting but not limiting the continuous push towards anywhere and any device productivity.
  • 3. Rise of Mobility Understanding the Threats Addressing the Problem Cybersecurity and mobility in the Energy Industry Contents
  • 4. Cybersecurity and mobility in the Energy Industry Rise of Mobility
  • 5. Proliferation of Personal Technology Devices Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ As of late 2010, smartphone sales started surpassing those of traditional computers. ā€¢ā€Æ ā€œBy 2015 shipments of tablets will outstrip those of conventional PCs such as desktops and notebooksā€-Gartner Source: Gartner, April 2013
  • 6. Proliferation of Personal Technology Devices Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Tablets will overtake desktop and notebook shipments combined, while 'ultra-mobiles' will grow ā€¢ā€Æ Shift in device preference is coming from a shift in user behavior ā€¢ā€Æ Leads to a bigger embrace of the cloud for sharing and for access to content Source: Gartner, April 2013
  • 7. Enterprise Mobility Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Rapidly growing adoption of BYOD ā€¢ā€Æ Easy to push real-time alerts and crucial messages to users, based on location ā€¢ā€Æ Can capture vital analytics about usage and devices used ā€¢ā€Æ Enterprise apps can provide ofļ¬‚ine access to keep using the app and entering data, with an automatic sync once the device comes back into range
  • 8. Enterprise Mobility Cybersecurity and mobility in the Energy Industry Mobile devices empower employees to do what they need to do ā€” whenever and wherever; enterprise mobility is not telecommuting. A rapidly maturing ecosystem of mobile app tools, technologies and platforms.
  • 9. Internet of Things Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Growing network of IP-enabled components and appliances ā€¢ā€Æ Meters and devices reporting their usage allowing reactive modeling ā€¢ā€Æ Locks and control devices controlled over the Internet ā€¢ā€Æ Connected installations managed remotely
  • 10. Internet of Things Cybersecurity and mobility in the Energy Industry Supply/Demand Ā  Alterna1ve Ā  Oil/Gas Ā  Loca%ons Ā  Power Ā Genera%on, Ā  Transmission Ā and Ā Distribu%on Ā  Low Ā Voltage Ā  Power Ā Quality Ā  Energy Ā Management Ā  Solar Ā  Wind Ā  Co-Ā­ā€genera%on Ā  Electrochemical Ā  Rigs Ā  Derricks Ā  Well Ā Heads Ā  Pumps Ā  Ā  Pipelines Ā  Devices Ā  Turbines, Ā Windmills, Ā UPS, Ā BaJeries, Ā Generators, Ā Meters, Ā Drills, Ā Fuel Ā Cells, Ā etc. Ā  Every industry has an individual set of uniquely identiļ¬ed ā€œthingsā€ generating data and able to controlled remotely. For example:
  • 11. The mobile world changes with every new device and set of devices. Smartphones and tablets are being joined in the marketplace by new consumer devices. Wearable and augmented reality products will fast become widespread. New Devices Cybersecurity and mobility in the Energy Industry
  • 12. Mobile device uses Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Voice ā€¢ā€Æ Video ā€¢ā€Æ Data ā€¢ā€Æ Control ā€¢ā€Æ NFC Interaction (RFID, Bluetooth, etc) ā€¢ā€Æ Thin client for cloud-stored data ā€¢ā€Æ BigData aggregation visualization
  • 13. Cybersecurity and mobility in the Energy Industry Understanding the Threats
  • 14. The Device Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Vulnerable to malware, malicious apps posing as benign apps ā€¢ā€Æ Legitimate apps can allow data loss and data leakage if poorly- written ā€¢ā€Æ Vulnerabilities in Hardware, OS, Application and Third-Party Applications ā€¢ā€Æ Unsecured or Rogue Marketplaces
  • 15. The Device Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Malware and attacks on mobile devices are on the rise ā€¢ā€Æ Vulnerabilities found almost as soon as a device hits the market
  • 16. Accidental breaches and device loss Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ 68% of employees reported that they did not have their devices cleaned when upgrading ā€¢ā€Æ Access and data breaches are the most common results of lost phones... not recovery ā€¢ā€Æ Social engineering tactics lead users to click malicious URLs spammed by trusted sources via SMS, social media and email.
  • 17. BYOD ā€“ Statistics around usage Cybersecurity and mobility in the Energy Industry 0% Ā  10% Ā  20% Ā  30% Ā  40% Ā  50% Ā  60% Ā  70% Ā  80% Ā  90% Ā  ...user a personal electronic device for work-related functions ...who use a laptop for work will connect to the company's network via a free or public WiFi connection ...who use a personal device for work have let someone else use it ...who use personal device(s) for work have not activated the auto-lock feature ...who use their personal device for work admit that their organization's data and/or ļ¬les are not encrypted ...who use a personal device for work say their organization has not implemented a "bring-your-own-device" policy ...of employees U.S. adults have been a victim of malware or hacking on a personal electronic device 81% 31% 46% 37% 33% 66% 25%
  • 18. Encryption of DAR and signal Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Given sufļ¬cient time, a brute force attack is capable of cracking any known serial encryption algorithm. ā€¢ā€Æ To crack AES with 128-bit key would take 1 billion billion years for a supercomputer of today. ā€¢ā€Æ Using quantum technology with the same throughput, exhausting the possibilities of a 128-bit AES key would take about six months ā€¢ā€Æ Encryption only ever as secure as the implementation
  • 19. Connectivity weakness Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Unsecured WiFi and rogue access points add vulnerability ā€¢ā€Æ NFC/RFID has a low threat of breach but can allow mimicry ā€¢ā€Æ Bluetooth defects allow " eavesdropping and caller " identiļ¬cation
  • 20. Mobility introduces all these threats Cybersecurity and mobility in the Energy Industry
  • 21. Internet of Things Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Increases exponentially the quantity of systems that will have to be protected ā€¢ā€Æ Route of data to the provider is obvious weakness ā€¢ā€Æ Multiple points of failure ā€¢ā€Æ DDoS attacks on individual appliances ā€¢ā€Æ Introduce vulnerability to associated ļ¬nancial records
  • 22. Wearable Cybersecurity and mobility in the Energy Industry New devices means new threats and fresh cyber security considerations
  • 23. Cybersecurity and mobility in the Energy Industry Wearable
  • 24. Cybersecurity and mobility in the Energy Industry Addressing the Problem
  • 25. Cybersecurity and mobility in the Energy Industry Securing the Device
  • 26. Securing the Device Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ MDM Notiļ¬cation, access control, quarantine, selective wipe ā€¢ā€Æ MAM Authentication, storage control, copy/paste limitation ā€¢ā€Æ Data and apps ā€¢ā€Æ Event monitoring ā€¢ā€Æ Keep OS updated
  • 27. People are demanding to use their own gadgets in their jobs. Trying to thwart them is futile The Economist 92% of Fortune 500 companies are testing or deploying the iPad Tim Cook, CEO Apple When young employees ļ¬rst come across business-application screens, they scream in horror Willem Eelman, CIO Unilever Enterprise Mobility Cybersecurity and mobility in the Energy Industry
  • 28. Enterprise Mobility Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ BYOD vs COPE (Corporate owned, personally enabled) ā€¢ā€Æ Clear policy required ā€¢ā€Æ Control non-work device use
  • 29. Encryption ā€¢ā€Æ Invest in parallel solutions, be prepared for Quantum Computing ā€¢ā€Æ Encrypt data stored to cloud storage ā€¢ā€Æ Encrypt any sensitive data stored on the device as well as while being transmitted ā€¢ā€Æ Pay attention to key exchange ā€¢ā€Æ Harden networks Cybersecurity and mobility in the Energy Industry
  • 30. Internet of Things Cybersecurity and mobility in the Energy Industry ā€¢ā€Æ Assume each device or appliance is the weakest part of the system ā€¢ā€Æ Protect data captured even if it caches on the device or local network ā€¢ā€Æ Consider remote control locks as insecure as those operated locally ā€¢ā€Æ Have lock passwords change" frequently and on demand to" allow temporary access
  • 31. Securing mobile devices Cybersecurity and mobility in the Energy Industry
  • 32. Christian Glover Wilsonā€Ø Vice President, Technology & Strategy" christian.gloverwilson@tigerspike.com +1 917 310 5249 " San Francisco 875 Howard Street" 6th Floor" San Francisco, CA 94103" +1 415 562 4001" sanfrancisco@tigerspike.com New York 133 W 19th St" 7th Floor" New York, NY 10011" +1 646 330 4636" newyork@tigerspike.com Contact me San Francisco New York London Dubai Singapore Sydney Melbourne