Industry 4.0 and Internet of Things Are they a risk to your business? Bjoern Haan CEO, TĂœV Rheinland i-sec GmbH
Digital Transformation Journey. ! Worldwide population 7.3 bn ! 15 bn devices ! 3 bn internet users ! Data volume: 8.6 bn Exabyte ! Cloud revenue: 183 bn USD
! Worldwide population 6.3 bn ! 390 m internet users ! Mail encryption ! 1,000 malware models ! Mobility & BYOD ?
! Worldwide population 7.8 bn ! 50 bn devices ! 4 bn internet users ! Data volume: 40 bn Exabyte ! Cloud revenue: 500 bn USD
2020
2015 iPhone
2000
1999
TÜV Rheinland - Cyber Security
27.04.2017
2016
IoT Botnet Mirai was born ! DDOS attack with 620 Gbps ! 900.000 DSL router and households affected
1998
2
2007
Industry 4.0 and Internet of Things - Are they a risk to your business?
Industry 4.0. trends – of course you have seen this‌
M2M connections 2015
M2M connections 2020
500
3.2
Million
~40% Asia ~30% Europe ~20% North America
Quelle: Cisco, BSI, KasperskyLab
3
27.04.2017
Industry 4.0 and Internet of Things - Are they a risk to your business?
Billion
Functional Safety and Cyber Security. Cyber Security Defence against negligent and wilful actions to protect devices and facilities
Functional Safety Defence against random and systematic technical failure to protect life and environment
4
27.04.2017
Industry 4.0 and Internet of Things - Are they a risk to your business?
It’s not all about power stations ... Industrial IT
Corporate IT Systems Internet
5
27.04.2017
Industry 4.0 and Internet of Things - Are they a risk to your business?
HVAC, Boilers, Chillers
GSM/3G remote link
Controllers
BMS Workstation Windows XP
HVAC, Boilers, Chillers
BMS Network Switch
Controllers
BMS/AC Workstation Windows 7
CCTV System
HVAC, Boilers, Chillers
BMS Enterprise Server
Smart Control
Dedicated ADSL Connection
Controllers
BMS Workstation Windows 7
Physical Access Control System
Door Controllers
It‘s all about risk!
CORPORATE IT
INDUSTRIAL IT
! Data confidentiality and integrity
! Human safety, followed by process protection
! Availability may not be a major risk
! Availability is normally a major risk
! Major risk impact may be a delay or reduction in business processes
! Major risk may be loss of life or destruction of production plants, environmental damage
! System lifetime often only 2 – 3 years
! System lifetime may be 10 – 30+ years
! System patching and update is a regular occurrence
! System may never or very infrequently be updated
IoT devices and CPS are integrated with Corporate IT and/or Industrial IT Applying corporate IT tools, techniques and procedures to industrial IT can be disastrous (and so is applying industrial IT tools, techniques and procedures to corporate IT!)
6
27.04.2017
Industry 4.0 and Internet of Things - Are they a risk to your business?
TÜV Rheinland. Safety & Security. The 4th Industrial Revolution will be defined by the use of “cyber-physical” systems Protecting society since 1872 The Digital Enterprise
! $2.3 Billion ! Privately Held ! 144 Years Old ! 500 Locations ! 69 Countries ! 19,320 people
Industry 1.0 Mechanical Production
7
27.04.2017
Industry 2.0 Mass Production & Electricity
Industry 3.0 Electronic & IT Systems
Industry 4.0 and Internet of Things - Are they a risk to your business?
Industry 4.0 Cyber-physical Systems Social, Mobile, Analytics, Cloud
Digitalization and virtualization will proceed .. Fast! Top 5 - Human and economic impact to keep up with digitalization 1. Demand for know-how in industrial systems and procedures combined with IT skills 2. Demand for Data Privacy Protection with growing installation base of IoT devices - sensor technologies 3. New procedures and regulations required for inspection and certification of products and systems 4. Initiatives to generate human awareness of values and risks - Digital natives to be considered 5. Functional Safety and Security by Design - as key requirement for vendors
8
27.04.2017
Industry 4.0 and Internet of Things - Are they a risk to your business?
www.tuv.com/it-sicherheits-kongress
8th IT Security Congress 2017 Cyber Security and Quality in Digital Transformation November 7. – 8., Frankfurt/Main
9
27.04.2017
Bitte Fußzeile einfügen
Thank you for your attention
Bjoern Haan - CEO, TĂœV Rheinland i-sec GmbH