IBM: “Industry, utilities, deploying IoT faster than it can be secured”

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Security has been an afterthought for many IoT applications, but the Internet of Things cannot simply be left to become the “Internet of Threats”, warns IBM.

Industry and utilities companies, in particular, need to develop new strategies to mitigate and manage cyber risks, says the enterprise services giant.

IBM’s Institute for Business Value (IBV) has produced a new report, Internet of Threats: Securing the Internet of Things for Industrial and Utility Companies.

The document says that there is limited awareness of the need for IoT security. “An incomplete understanding of the risks posed by IoT deployments, coupled with a lack of a formal IoT security programme, contributes to the gap between IoT adoption and the capabilities in place to secure it,” it says.

IT-centric security frameworks and organisational structures are often not adequate to address the reliability and predictability needs of always-on IoT equipment.

While the Industrial Internet of Things (IIoT) represents a market that could add $ 14 trillion to the global economy by 2030, underlying concerns about the security and vulnerability of sensors and other devices “are justified”, says the company.

A separate IBM/IBV benchmarking study of 700 industrial/utilities IT and operational technology (OT) leaders found that devices and sensors, followed by IoT platforms, are the most vulnerable parts of connected deployments.

By 2020, 30 billion devices will be online, generating 600 zettabytes per year, says IBM. By 2035, more than 75 billion IoT devices will be connected.

When security plays catchup

Deploying IoT technologies at a faster pace than they are being secured can “open organisations to dangers greater than negative public sentiment”, warns IBM. “For industrial manufacturing, chemical, oil and gas, and utilities, security breaches can lead to large-spread contamination, environmental disasters, and even personal harm.”

Operational IT has become a growing target, accounting for 30 percent of all cyberattacks, continues the report.

In the Middle East, for example, 50 percent of cyberattacks are directed against the oil and gas industry, creating major impacts to safety, productivity, and efficiency.

Despite this, most industrial and utilities organisations are still in the early stages of adopting best practices and protective technologies to mitigate IoT security risks, says IBM. “Only a small percentage have fully implemented operational, technical and cognitive practices, or IoT-specific security technologies,” adds the report.

As a result, the IoT security capabilities of most organisations “are in their infancy”, with cybersecurity risks “still being evaluated and risk assessments performed on an ad hoc basis”.

Part of this is down to an ongoing shortage of cybersecurity skills, and the slow emergence of IoT security standards. But what can organisations actually do about the expanding threat landscape?

IBM’s actions to take

First, organisations must recognise that IoT security doesn’t exist in a vacuum, says the report. “Procedures must be followed, practices and technologies adopted, and measures taken to meet key performance indicators (KPIs).”

Next, organisations should implement practices that follow an operational excellence model of people, process, and technology to build IoT security capabilities.

“Increase employee visibility into IoT security operations, IT, and OT. Makers of next-generation connected devices and services may consider purchasing insurance against software malfunctions and any damage hackers might cause,” suggests the report.

“Know when and how to be proactive,” it continues. “To prepare an effective response to cyberattacks, carry out breach simulations, regular field and plant situational awareness, and engage in security operation centre monitoring.”

Useful technologies

The separate IBV benchmarking study gauged the use of a number of technology solutions for delivering IoT security. These included:-

• Encryption to protect against attacks that could compromise sensitive information and lead to the destruction of property and equipment, or create personal safety issues.

• Network security and device authentication, to secure deployments between IoT devices, edge equipment, and back-end systems and applications.

• Security analytics, to identify potential IoT attacks and intrusions that may have bypassed traditional security controls.

• Identity and access management, which can help enterprises and service providers manage and secure relationships between identities and IoT devices.

These are all excellent approaches, says IBM, but the overwhelming need is to look at IoT security as a strategic business issue, and not as a technology problem demanding point solutions.

Internet of Business says

So far, 2018 has seen a number of key trends dominating IoT announcements. Among these have been: the rise of driverless vehicles and drones; the coming of 5G; and the use of connected technologies in healthcare and retail. However, the strongest and most consistent message has been a warning about lax IoT security, both from a provider and user perspective.

IBM has a long track record in sounding the alarm about these issues, having carried out some of the earliest security tests on devices such as connected cars, lightbulbs, and enterprise HVAC systems, all of which it found to have serious flaws – such as the brakes of a smart car that white-hat researchers were able to disable with a hacked MP3 file some years ago. It seems that little has changed since then.

As one of the biggest names in enterprise technology – which itself has refocused on cognitive services and connected systems – let’s hope that more organisations pay attention to both its warnings and its practical advice.

You can download IBM’s full report from Internet of Business here.

Read more: Security camera “riddled” with 13 serious security flaws

Read more: UK government proposes IoT security and device labelling scheme

Read more: IoT ramps up cyber security risk, says in-depth report

Read more: Infrastructure security: Five vital steps to NIS compliance

The post IBM: “Industry, utilities, deploying IoT faster than it can be secured” appeared first on Internet of Business.

Internet of Business

Cash For Apps: Make money with android app

Analysis: Machine learning has much to teach utilities companies

Why machine learning has much to teach utilities

Machine learning techniques look set to transform the way that utilities companies predict customer usage and production capacity in the years ahead. 

Utilities take note: when it comes to analyzing data, machine learning could be your best bet for achieving new insights, far outstripping other methods in terms of effectiveness, according to a new report published by analyst company Navigant Research, Machine Learning for the Digital Utility.

While machine learning has existed in parts of the ‘utility value chain’ for years, various drivers are expected to increase its use in other parts of the business, the report says. In particular, it has several advantages over other approaches when it comes to customer segmentation, pricing forecasts, anomaly decision, fraud detection and predictive maintenance. Basically, it’s about jobs that use the analytic processes of clustering, regression and classification.

“The utilities industry is already using self-learning algorithms, particularly in the field of asset monitoring and predictive maintenance, and several reasons suggest the use of machine learning will expand to many more use cases and its adoption will accelerate,” says Stuart Ravens, principal research analyst at Navigant.

Read more: Utilities tell their networks: “Smart grid, heal thyself”

Learning how to integrate renewables

As we see it at Internet of Business, this could be of particular interest to utilities struggling to integrate renewable energy with more traditional sources of power supply. Wind and solar power is erratic – it’s hard to predict how much energy a utility can harness this way unless it knows exactly how long and how hard the wind will blow and/or the sun will shine.

Here, machine learning could provide some insight, enabling utilities to better predict renewable production and integrate it with other forms of supply. That’s the theory, at least, that software company Powel has tested out with a large utility in Norway, along with analytics specialist Swhere, on a project that applied machine learning for wind forecasting.

This involved answering three questions: When does wind occur, how powerful is it and in what direction does it blow? According to Swhere founder Dr Ernst van Duijn, the goal was to use machine learning algorithms to detect patterns in the wind that could lead to deeper insight into production capability. The results suggest it’s possible to reduce uncertainty in wind power production by more than 45% and, as a result, cut the costs of penalties that are applied when a utility is unable to meet its commitment to provide a certain amount of renewable energy.

Read more: GE to provide Enel with software for monitoring power plant assets

Learning how to digitally disrupt

Machine learning may also be an enabler of entirely new utilities companies – ‘disrupters’ who are looking to topple incumbent providers. Take Drift, for example, a start-up power utility company based in Seattle that is using a combination of machine learning technologies, among others, to provide customers with cheaper wholesale energy prices, through being able to more accurately predict their consumption.

Fortunately, machine learning technologies have never been more accessible to utilities of all types and all sizes. According to Stuart Ravens at Navigant Research, “During the past decade, it has become easier for companies to deploy machine learning thanks to falling costs, new technological advancements, a softening of conservative attitudes and a fresh approach to analytics procurement,” he adds.

That’s good news because, for utilities, machine learning may not just be what they need to thrive in the digital age. It may even be what they need to survive.


Coming soon: Our Internet of Energy event will be taking place in Berlin, Germany on 6 & 7 March 2018. Attendees will hear how companies in this sector are harnessing the power of IoT to transform distributed energy resources. 

Internet of Energy DE

The post Analysis: Machine learning has much to teach utilities companies appeared first on Internet of Business.

Internet of Business

Utilities tell their networks: “Smart grid, heal thyself”

Utilities tell their networks: “Smart grid, heal thyself”

As smart grids get smarter, utilities are increasingly looking for ways to enable them to diagnose and heal their own problems. 

In early January, the Idaho National Laboratory (INL), part of the US Department of Energy, announced plans to demonstrate a system of microgrids over the coming months that can restore and maintain power after a major outage – without the need for human intervention. In other words, this work looks to build power grids that can heal themselves,

“In the aftermath of natural disasters, damage to an electrical grid can slow the recovery effort and prolong human suffering,” writes Cory Hatch of INL in an article about the research work. The same applies, of course, to any other catastrophic event or, say, a cyberattack.

The researchers chose Cordova, Alaska as their demonstration site because the small fishing village in the Prince William Sound and its electrical grid are isolated from the rest of the world, relying on hydroelectric, diesel and solar power generation.

The system will include switches that can isolate one part of a microgrid, enabling undamaged parts of the grid to continue to function during an emergency. It will also employ equipment that monitors changes in the grid in real time. If the grid is damaged or disabled, those parts that are still functioning will have the intelligence to ensure that critical public services – medical centres and emergency shelters, for example – still have power. “In a sense,” writes Hatch, “the system is smart enough to reconfigure itself.”

Read more: GE to provide Enel with software for monitoring power plant assets

Growth market

The idea of self-healing in utility grids is not, in itself, a new one – although this INL experiment takes it to another, more all-encompassing level. Still, there are plenty of utilities worldwide that are looking to introduce new technologies on a more incremental basis to make grids smarter, so smart they can diagnose and heal any problems they experience.

In fact, according to a report issued this week by analyst firm Research & Markets, the global self-healing grid market will reach $ 2.7 billion by 2022, up from around $ 1.7 billion in 2017.

“The self-healing grid market is driven by factors such as the government policies and legislative mandates for T&D [transmission and distribution] utilities, complexity in distributed energy generation, and the need for protection of electric utilities from cyber attack,” write the report’s authors. The key players in the self-healing grid market include ABB, Siemens, GE, Eaton and Schneider Electric.

Read more: Battery tech will power global smart grid ambitions

Schneider and Stedin

For example, energy management giant Schneider Electric has worked with Dutch utility Stedin to create a decentralized, underground self-healing network – the first of its kind in Europe, according to Schneider executives. The self-healing unit is based on Schneider’s Easergy T200 Remote Terminal Unit. These are units are installed in electricity substations and can communicated with each other via a virtual private network.

If a fault occurs, the control centre is notified – but there’s no need to wait for an operator response, because the units will use Schneider Electric’s EcoStruxure IoT platform to work together on identifying faults, isolating and repairing them.

Today, in the case of an outage that might previously have lasted two hours, the self-healing system cuts the time of re-energizing the unaffected parts of the grid to under 30 seconds.


Coming soon: Our Internet of Energy event will be taking place in Berlin, Germany on 6 & 7 March 2018. Attendees will hear how companies in this sector are harnessing the power of IoT to transform distributed energy resources. 

Internet of Energy DE

The post Utilities tell their networks: “Smart grid, heal thyself” appeared first on Internet of Business.

Internet of Business