Tag: IoT

COVID-19 has ensured that the few businesses which did not have an online presence became acutely aware that they needed one. It created a need for many businesses to quickly initiate eCommerce. Forbes reported a 77% increase in eCommerce infrastructure spending YoY. This represents about 4 years of growth squeezed into the first 6 months of 2020!

From a CX point of view there is going to be far more interaction with brands and products through online channels. This is not just about eCommerce and buying from a portal. It is also about using tools like Instagram, Facebook and other social media platforms more widely. It is about learning to interact with the customer in multiple ways and touching their journeys at multiple points, all virtually using the web – mostly the mobile web.

Ecosystm research shows that almost three out of four companies have decided on accelerating or modifying the digitalisation they were undergoing (Figure 1). It is fair to expect that this gives a further boost to moving to the cloud. For the customer it will mean being able to access information in many new ways and connect with products, services, brands at multiple points on the web.

Since interacting with the customer at multiple points is new for most services, I foresee a lot of missed opportunities as companies learn to navigate a completely different landscape. Customers pampered by digitally native organisations often react harshly to even a small mistake. It will become critical for companies to not just become a bigger presence online but also to manage their customers well.

New solutions such as Customer Data Platforms (CDP), as opposed to CRM will become common. Players who are into Customer Experience management are likely to see huge business growth and new players will rapidly enter this space. They will promise to affordably manage CX across the globe, leveraging the cloud.

#2 Virtual Merges with Real

Virtual and Augmented Reality are not new. They have been around for a while. This will now cross the early adoption stage and is likely to proliferate in terms of use cases and importance.

AR/VR has so far been seen mainly in games where one wears an unwieldy – though ever-improving – headset to transport oneself into a 3D virtual world. Or in certain industrial applications e.g., using a mobile device to look at some machinery; the device captures what the eye can see while providing graphical overlays with information. In 2021 I expect to see almost all industrial applications adopting some form of this technology. This will have an impact on how products are serviced and repaired.

For the mainstream, 2020 was the year of videoconferencing – as iconic as the shift to virtual meetings has been, there is much more to come. Meetings, conferences, events, classrooms have all gone virtual. Video interaction with multiple people and sharing information via shared applications is commonplace. Virtual backgrounds which hide where you are actually speaking from are also widely used and getting more creative by the day.

Imagine then a future where you get on one of these calls wearing a headset and are transported into a room where your colleagues who are joining the call also are. You see them as full 3D people, you see the furniture, and the room decor. You speak and everyone sees your 3D avatar speak, gesture (as you gesture from the comfort of your home office) and move around. It will seem like you are really in the conference room together! If this feels futuristic or unreal try this or look at how the virtual office can look in the very near future.  

While the solutions may not look very sophisticated, they will rapidly improve. AR/VR will start to really make its presence felt in the lives of consumers. From being able to virtually “try” on clothes from a boutique to product launches going virtual, these technologies will deeply impact customer experience in 2021 and beyond

In the immortal words of Captain Kirk, we will be going where no man has gone before – enabled by AR / VR.

#3 Digital CX will involve Multiple Technologies

AI, IoT and 5G will continue to support wider CX initiatives.

The advances that I have mentioned will gain impetus from 5G networking, which will enable unprecedented bandwidth availability. To deliver an AR experience over the cloud, riding on a 5G network, will literally be a game changer compared to the capabilities of older networks.

Similarly, IoT will lead to massive changes in terms of product availability, customisation and so on. 5G-enabled IoT will allow a lot more data to be carried a lot faster; and more processing at the edge. IoT will have some initial use cases in Retail, Services and other non-manufacturing sectors – but perhaps not as strongly as some commentators seem to indicate.

AI continues to drive change. While AI may not transform CX in 2021, this is a technology which will be a component of most other CX offerings, and so will impact customer experience in the next few years. In fact, thinking of businesses in 2025 I cannot believe that there will be a single business to customer (B2C) interaction which will not feature some form of AI technology.

I’d be interested to hear your thoughts on the technologies which will impact CX in 2021 – Connect with me on the Ecosystm platform.

In the recently published the Top 5 Cybersecurity & Compliance Trends for 2021 report Ecosystm predicts that 2021 is when M&As will ramp up in earnest to consolidate the fragmented cybersecurity market. The pandemic has slowed down M&A activities in 2020. Early signs of what we can expect from the market when we emerge from COVID-19 can be seen in the recent acquisition of Asavie by Akamai Technologies. The market is realising the full implication of the shift to remote working and the potential of increased cyber threats – and this acquisition is a sign that larger vendors will continue to strengthen their cybersecurity capabilities by acquiring vendors, with complementary capabilities.  

Asavie Enabling the Secure Office Anywhere

Asavie, headquartered in Ireland, offers a global platform that manages the security, performance, and access policies for mobile and internet-connected devices. Asavie delivers secure access to business resources for a mobile workforce – without requiring installation and management of client software. Increasing mobile workloads and Office Anywhere trends mean that the enterprise private network is no longer just PCs/laptops. All enterprise endpoints must be considered to be a part of the enterprise network – and security and authentication solutions must be able to handle this. Organisations will need to explore options where they can give seamless access to their employees without straining their IT and cybersecurity teams – a rapidly installable, scalable, and cloud-managed solution will become a necessity. 

More than ever before, enterprises will have to treat all endpoints as branches of the organisation, and the Future of Work goes beyond enabling home offices. The Global CXO Study: The Future of the Secure Office Anywhere finds that 66% of IT and business leaders think of multiple locations, when they think of Office Anywhere. Employees will work wherever they get the best work experience and are most productive. Future work patterns will require that all endpoints are considered as extended branches of the organisation. This involves the ability to extend the enterprise WAN – with speed, flexibility, and security in mind – whether it is a temporary or a home office, an ad-hoc point of sales or an employee on the go. Every employee or device should be treated like a Branch of One.

Ecosystm Comments

“Akamai has been diversifying away from its well-known content delivery network (CDN) offering and has successfully built its security business offering in recent years. In 2019, the company nearly doubled its security revenue to USD 849 million from just USD 488 million in 2017. In their 3rd quarter financial results reported in end October 2020, the Cloud Security Solutions revenue was US$266 million, up 23% year-over-year.”

“The move into the mobile security segment has been timely for Akamai as enterprise application and content is moving from behind the firewall to the cloud; adding to the criticality of the cybersecurity threat management. The COVID-19 pandemic has further driven the onboarding of businesses and consumers alike, adding to significant addressable market opportunities.”

“The acquisition of Asavie is a strategic move. Asavie’s solution effectively extends the enterprise security management to incorporate mobile devices as a ‘Branch of One’ enabling CIOs and CISOs to manage security and policies the same way as traditional enterprise network resources. The growth of 5G will further drive IoT devices and a myriad of applications and use cases which will provide for a significant growth opportunity for Akamai – the acquisition of Asavie is a positive move to support this trend.”

Akamai Strengthens Intelligent Edge Capabilities

Asavie’s mobile, IoT and security solutions will integrate with Akamai’s Security and Personalisation Services (SPS) product line sold to carrier partners that embed the solution within the technology bundle sold to their subscribers. With the Asavie acquisition, Akamai intends to help their carrier partners address enterprise and mid-market customer demand for IoT and mobile device security and management services.

Ecosystm Comments

“The addition of Asavie to Akamai’s SPS product line provides synergy for the company to expand into new addressable markets for the remote workforce and internet-connected devices to deliver superior experience in a multi-cloud environment. The Global CXO Study conducted by Ecosystm found that three quarters of the organisations rate mobile security as an important or very important part of their digital transformation strategy. Secure mobile experiences will be a core element of the enterprise going forward in the post COVID-19 business environment – driven by employee needs for mobile services and corporate resources from remote locations, with superior identity and policy management, in a frictionless manner.”

“There is an opportunity for mobile service providers and mobile virtual network operators (MVNOs) to leverage the Asavie solution combined with Akamai’s strength at the edge with over 1,500 networks worldwide to offer cloud-based value-added cybersecurity services. The Global CXO Study also found that scaling of endpoint security was a major pain point for half the organisations with more than 100 branches. Service providers can become the enabler by offering services for small and medium enterprises (SMEs) to dynamically adapt their network and security services to fluctuating demand conditions.”                          

“Although Akamai does offer CDN services for the SME segment, the company heavily relies on service providers and carriers to address this segment in the CDN, cloud security and its burgeoning IoT Edge offerings. Asavie’s market approach is similar and its products and services portfolio appears to complement Akamai’s very well, making it a very good fit for the company. Not only will it enhance Akamai’s SME positioning on the secure connectivity space, but it will also boost its offerings for carriers in the IoT space.”

“Carriers have had a checkered history at best, in understanding and making the most of data services. Mobile Internet took off because of smartphone manufacturers (Apple) and Internet companies – not through carrier offerings. Although carriers appear to be more proactive and forward-looking with regards to IoT, they should not expect to have the foresight to see what services and business cases will make 5G and IoT truly profitable. Rather, their main focus should be on enabling the secure and flexible infrastructure that can ultimately enable others to develop the use cases. The next logical step would then be for carriers to develop IoT orchestration platforms that can manage much larger parts of the IoT value chain. If they succeed in this (and even if they don’t) it could result in a major boost for Akamai’s CDN business.”

“In other words, carriers need help with IoT and to that end, Akamai’s acquisition of Asavie may strengthen its ability to support carriers to reach that goal.”

The full findings and implications of The top 5 Cybersecurity & Compliance Trends For 2021 are available for download from the Ecosystm platform. Sign up for Free to download the report.

Telstra and Microsoft have extended their partnership to jointly build solutions harnessing the capabilities of AI, IoT, and Digital Twin technologies in Australia. The partnership will also enable both companies to work on sustainability, emission reduction, and digital transformation initiatives.

The adoption of cloud and 5G technology is already on the rise and creating opportunities across the globe. The Microsoft-Telstra partnership is set to bring together the capabilities of both providers for businesses in Australia and globally. Their focus on AI, IoT, cloud and 5G will enable Australia’s developers and independent software vendors (ISVs) to leverage AI with low latency 5G access to drive efficiency, and enhance decision making. This will also see practical applications and new solutions in areas like asset tracking, supply chain management, and smart spaces to enhance customer experience.

Technology Enhancing the Built Environment

Microsoft Azure and Telstra’s 5G capabilities will come together to develop new industry solutions – the combination of cloud computing power and telecom infrastructure will enable businesses and industries to leverage a unified IoT platform where they can get information through sensors, and perform real-time compute and data operations. Telstra and Microsoft will also build digital twins for Telstra’s customers and Telstra’s own commercial buildings which will be initially deployed at five buildings. Upon completion, the digital twin will enable Telstra to form a digital nerve centre and map physical environments in a virtual space based on real-world models and plot what-if scenarios.

Telstra CEO, Andy Penn says, “If you think about the physical world – manufacturing, cities, buildings, mining, logistics – the physical world hasn’t really been digitised yet. So, how do you digitise the physical world? Well, what you do is put sensors into physical assets. Those sensors can draw information around that physical asset, which you can then capture and then understand.”

Ecosystm Principal Advisor, Mike Zamora finds the comment interesting and says, “It isn’t so much that the physical world is digitized – it is more about how digital tools enhance and enable the physical world to be more effective to help the occupier of the space. This has been the history of the physical space.  There have been many ‘tools’ over time to help the physical world – the elevator in the late 1880s enabled office buildings to be taller; the use of steel improved structural support, allowing structural walls to be thinner and buildings taller. These two ‘tools’ enabled the modern skyscraper to be born.  The HVAC system developed in the early 1900s, enabled occupants to be more comfortable inside a building year-round in any climate.” 

“Digital tools (sensors, etc) are just the latest to be used to enhance the physical space for the occupant. Digital twins enable an idea to be replicated in 3D – prior to having to spend millions of dollars and hundreds of man hours to see if a new idea is viable. Its advent and use enable more experimentation at a lower cost and faster set up. This equates into a lower risk. It is a welcomed tool which will propel the experimentation in the physical world.” 

Talking about emerging technologies, Zamora says, “Digital twins along with other digital tools, such as 3D printing, AI, drones with 4K cameras and others will enable the built environment to develop at a very quick pace. It is the pace that will be welcomed, as the built environment is typically a slow-moving asset (pardon the pun).”

“Expect the Built Environment developers, designers, investors, and occupiers to welcome the concept. It will allow them to dream of the possible.”

Telstra and Microsoft – Joint Goals

Telstra and Microsoft have partnered over the years over multiple projects. Last year, the companies partnered to bring Telstra’s eSIM functionality to Windows devices for data and wireless connectivity; they have also worked on Telstra Data Hub for secured data sharing between data producers, businesses and government agencies; and most recently collaborated on Telstra’s exclusive access to Xbox All Access subscription service to Australian gamers with the announcement of Microsoft’s Xbox Series X and Xbox Series S gaming consoles expected to release in November.

This announcement also sees them work jointly towards their sustainability goals. Both companies are committed to sustainability and addressing climate change. Earlier this year, Microsoft announced its plans to be carbon negative by 2030, while Telstra has also set a target to generate 100% renewable energy by 2025 and reducing its absolute carbon emissions by 50% by the same time. To enable sustainability, Telstra and Microsoft are exploring technology to reduce carbon emissions. This includes further adoption of cloud for operations and services, remote working, and piloting on real-time data reporting solutions.

Telstra also aims to leverage Microsoft technology for its ongoing internal digital transformation, adopting Microsoft Azure as its cloud platform to streamline operations, and infrastructure modernisation, including transition from legacy and on-premise infrastructure to cloud based applications.

I have already been examining the new approaches to using big data in facilities management. This is done by developing smarter office spaces, embedded with devices employing Ambient Intelligence (AmI). Research looked at how the intelligent use of big data contributed to building an environment with greater energy efficiency, optimised space utilisation, enhanced workplace experience and occupants’ comfort. This includes sound masking, the use of lighting for enhance environments, and sensors for occupancy for hygiene controls.

Ambient Intelligence (AmI)

AmI refers to electronic environments that are sensitive and responsive to the presence of employees, residents or visitors. These environments can have ecosystems (pun intended) of different IoT devices communicating with each other.

There is a real emphasis here on edge computing, sensors and other IoT devices, and building intelligence into the edge for near real-time decision making closer to where the problem may sit. Ecosystm research finds that construction firms focus a significant amount of IoT investment for building management and energy management (Figure 1).

For example, if an HVAC system is on the verge of malfunction, the system could send a message for a repair intervention. When it comes to AI, predictive maintenance and surveillance are two of the leading use cases in the construction industry (Figure 2).

Building 4.0 Co-operative Research Centre (CRC)

In Australia, this push for sustainable and smarter building development is being driven by a consortium of companies looking at Big Data and infrastructure development for buildings. This year, the Building 4.0 Co-operative Research Centre (CRC) has been awarded a USD 19.5 million grant to focus on medium to long-term industry-led collaborations that can assist in driving the growth of new industries. The Australian building and construction industry is a major economic engine that contributes 13% of GDP and employs over 1.4 million Australians. Development of the Building 4.0 CRC makes sense and is timely given the current pandemic and economic conditions.

Part of its research program focus on develop new building processes and techniques through leveraging the latest technologies, data science and AI to ultimately improve all aspects of the key building phases. Their overall ecosystem is designed for enablement of several use cases (Figure 3).

The Building 4.0 CRC’s principle aims are “to decrease waste; create buildings that are faster, cheaper, and smarter; and capture new opportunities by facilitating collaborative work between stakeholders across the whole value chain in cooperation with government and research organisations.”

Green Star, the rating system which was created by Green Building Council of Australia (GBCA) in 2003, rates the sustainability of buildings, fit outs and communities through Australia’s largest national, voluntary, holistic rating system. The GBCA is a partner organisation in the Building 4.0 CRC – as are many other major organisations in construction and trade, all pulling together here, for innovative efforts for the industry.

Where might the Building 4.0 CRC effort make an impact? Its collaborative structure of industry, academia, vocational trade organisation and governmental bodies harness innovative ideas to transmit them to transformative practices of industry and construction partners.

To be smarter, one must work smarter and more efficiently.  A consortia such as this pulls the best minds together to try to accelerate industry efforts for intelligent design with data.

Last week, NVIDIA announced that it had agreed to acquire UK-based chip company Arm from Japanese conglomerate SoftBank in a deal estimated to be worth USD 40 billion. In 2016, SoftBank had acquired Arm for USD 32 billion. The deal is set to unite two major chip companies; power data centres and mobile devices for the age of AI and high-performance computing; and accelerate innovation in the enterprise and consumer market.

Rationale for the Deal

NVIDIA has long been the industry leader in graphics chips (GPUs), and a smaller but significantly profitable player in the chip stakes. With graphic processing being a key component in AI applications like facial recognition, NVIDIA was quick to capitalise. This allowed it to move into data centres – an area long dominated by Intel who still holds the lion’s share of this market. NVIDIA’s data centre business has grown tremendously – from near zero less than ten years ago to nearly USD 3 billion in the first two quarters of this fiscal year. It contributes 42% of the company’s total sales.

The gaming PC market has been the fastest-growing segment in the PC market. The rare shining light in an otherwise stagnant-to-slightly declining market. NVIDIA has benefited greatly from this with a huge jump in their graphics revenues. Its GeForce brand is one of the most desired in the industry. However, with their success in AI, NVIDIA’s ambition has now grown well beyond the graphics market. Last year NVIDIA acquired Mellanox – who makes specialised networking products especially in the area of high-performance computing, data centres, cloud computing – for almost USD 7 billion. There is clearly a desire to expand the company’s footprint and position itself as a broad-based player in the data centre and cloud space focused on AI computing needs.

The acquisition of Arm though adds a whole new dimension. Arm is the leading technology provider in the mobile chip market. A staggering 90% of smartphones are estimated to use Arm technology. Arm is the colossus of the small chip industry – having crossed 20 billion in unit shipments in 2019.

Acquiring Arm is likely to result in NVIDIA now having a play in the effervescent smartphone market. But the company is possibly eyeing a different prize. Jensen Huang, Founder and CEO of NVIDIA said “AI is the most powerful technology force of our time and has launched a new wave of computing. In the years ahead, trillions of computers running AI will create a new internet-of-things that is thousands of times larger than today’s internet-of-people. Our combination will create a company fabulously positioned for the age of AI.”

With thoughts of self-driving cars, connected homes, smartphones, IoT, edge computing – all seamlessly working with each other, the acquisition of Arm provides NVIDIA a unique position in this market. As the number of connected devices explodes, as many billions of sensors become an ubiquitous part of 21^st century living, there is going to be a huge demand for low power processing everywhere. Having that market may turn out to be a larger prize than the smartphone market. The possibilities are endless.

While this deal is supposed to be worth around USD 40 billion, somewhere between USD 23-28 billion is going to be paid in the form of NVIDIA stock. This brings us to an extremely interesting dynamic. At the beginning of 2016 NVIDIA’s market cap was less than USD 20 billion. Mighty Intel was at USD 150 billion. AMD the other player in the market for chips who also sell graphics was at a mere USD 2 billion. In July this year, NVIDIA’s value passed Intel’s and today it is sitting at around USD 300 billion! Intel with a recent dip is now close to USD 200 billion. AMD too with all the tech-fueled growth in recent years has grown to just shy of USD 100 billion market cap.

What this tells us is that the stock portion of the deal is cheaper for NVIDIA today by around 55% compared to if this deal was consummated on 1^st January 2020. If there was a right time for NVIDIA to buy – it is now. This also shows the way the company has grown revenue at a massive clip powered by Gaming PCs and AI. The deal to buy Arm appears to be a very good idea, which would establish NVIDIA as a leader in the chip industry moving forward.

Ecosystm Comments

While there appears to be some good reasons for this deal and there are some very exciting possibilities for both NVIDIA and Arm, there are some challenges.

The tech industry is littered with examples of large mergers and splits that did not pan out. Given that this is a large deal between two businesses without a large overlap, this partnership needs to be handled with a great deal of care and thought. The right people need to be retained. Customer trust needs to be retained.

Arm so far has been successful as a neutral provider of IP and design. It does not make chips, far less any downstream products. It therefore does not compete with any of the vendors licensing its technology. NVIDIA competes with Arm’s customers. The deal might create significant misgivings in the minds of many customers about sharing of information like roadmaps and pricing. Both companies have been making repeated statements that they will ensure separation of the businesses to avoid conflicts.

However, it might prove to be difficult for NVIDIA and Arm to do the delicate dance of staying at arm’s length (pun intended) while at the same time obtaining synergies. Collaborating on technology development might prove to be difficult as well, if customer roadmaps cannot be discussed.

Business today also cannot escape the gravitational force of geo-politics. Given the current US-China spat, the Chinese media and various other agencies are already opposing this deal. Chinese companies are going to be very wary of using Arm technology if there is a chance the tap can be suddenly shut down by the US government. China accounts for about 25% of Arm’s market in units. One of the unintended consequences which could emerge from this is the empowerment of a new competitor in this space.

NVIDIA and Arm will need to take a very strategic long-term view, get communication out well ahead of the market and reassure their customers, ensuring they retain their trust. If they manage this well then they can reap huge benefits from their merger.

This appears to be a global phenomenon. Honda manufacturing plants went offline in June after a cyber-attack compromised some of the Japanese automaker’s facilities. The same pattern emerged in a separate attack at the same time targeting Edesur S.A., a company belonging to the Enel Group that confirmed its internal IT network was disrupted due to a ransomware attack, which was caught by antivirus software before the malware could infect. Both companies had machines with Internet-accessible remote desktop servers, which is a favorite infection method among attackers nowadays. One of Australia’s largest brewers, Lion also faced a ransomware outbreak, last month. In Israel, it was reported that a cyber-attack very nearly poisoned the water supply with the attackers attempting to overload the water system with chlorine, and in recent days, a fire and explosion at an Iranian nuclear plant is suspected of being caused by cyber-attack.

These attacks highlight the need for appropriate investments in cybersecurity by companies and municipalities that own or operate critical infrastructure, properties (including places of public congregation, retailers and others) that are rapidly deploying a suite of operational technologies, and businesses in the manufacturing sector.

Operational Technology (OT) is the backbone of modern industrial operations and is a network of multiple computing systems that perform operations including production line management, operations control and industrial monitoring. OT can further include specific computing systems like industrial control systems (ICS) which is a collection of control systems used to operate and/or automate industrial processes. There are several types of ICSs, the most common of which are Supervisory Control and Data Acquisition (SCADA) systems, and Distributed Control Systems (DCS). With such industrial systems and smart end-user products connected by a common network, several vulnerabilities may appear.

In OT security, the focus is much less on information, but more on the industrial process that technology controls. Hence, availability and integrity are often more important than confidentiality. Any organisation employing OT should employ continual risk-based assessments of their cybersecurity posture to prioritise and tailor recommended guidelines and solutions to fit specific security, business, and operational requirements.

Why is OT More Vulnerable?

OT systems are versatile and can be found in all kinds of industrial settings and infrastructures like smart buildings, oil and gas, energy generation/distribution, mining, wastewater treatment/distribution, manufacturing, food production, consumer devices and transport. In fact, almost every business in 2020 has an element of IoT within their operations.

A big issue with OT is that a lot of the technology in place is over 20 years old and therefore was not designed to provide the security capabilities required to face cyber threats in 2020. Legacy technology often requires legacy hardware and software to support it – much of which is the end of life and unsupported by the vendors (for example, consider SCADA systems still reliant on Windows NT or older Unix based systems, which have not been supported by their vendors for many years).

OT systems have also been damaged as unintended side effects of problems starting in corporate networks that took advantage of increasing connectivity, proving clearly that the standard PCs that now form part of a typical organisation’s IT environment are in turn used to manage OT systems and become a major vector for such cyber-attacks.

When it comes to OT, safety and reliability are the primary concerns as attackers aim to disrupt the critical services industry and their customers rely upon them. Given the increasing propensity of connecting OT systems with corporate networks for ease of management and the growing use of IoT systems, the likelihood of such systems being affected by vulnerabilities exploitable over the network is increasing exponentially.

For almost every business – not just critical infrastructure providers – most technologies we deploy include connectivity to the internet. Not knowing what systems and external access to these systems that your business is introducing in its everyday technology investment create significant risks to the broader business operations.

Manufacturing businesses and critical infrastructure providers realise that there is need to re-evaluate their cybersecurity measures, in the wake of the COVID-19 crisis, according to the findings of the Ecosystm’s ongoing “Digital Priorities in the New Normal” study (Figure 1).

But these measures may not be sufficient, as indicated by the slew of cyber-attacks on these organisations.

Why are these attacks successful?

There are several reasons why OT attacks are successful:

• Unauthorised access to internet-facing systems (e.g. deploying an IoT with the default username and password)
• Introduction of a compromised device (e.g. USB stick) to the environment that infects the network (often employee action)
• Exploitation of zero-day vulnerabilities in control devices and software
• Propagated malware infections within isolated computer networks (i.e. The attacker can place a receiving device to make contact over a channel that can propagate across the isolated network)
• SQL injection via exploitation of web application vulnerabilities
• Network scanning and probing
• Lateral movement (i.e. inadequate segmentation which results in attackers being able to move between systems, groups of systems, network zones and even geographical locations.)

How can they be prevented?

The mitigation cannot rely solely on the organisation building security around the deployment nor can it be a reactive approach to fixing vulnerabilities in production, as they are identified. It begins with the OT vendors building security within; however, as with most IT systems and applications, this will evolve over time. For example, there is an initiative in Australia – driven by the IoT Alliance Australia (IOTAA) – to introduce a ‘Trust Mark’ for IoT devices that pass a certification process for security and privacy in product development. This is targeted to launch in September 2020 but could take many years to gain real traction. Thus, for the foreseeable future, the best operational outcomes must be planned and managed by the consumers of the technologies.

Here are the best practices to reduce exploitable IoT weaknesses and attacks occurring in your business:

• Maintain an accurate inventory of Operational Systems and eliminate any exposure of these systems to external networks
• Establish clear roles and responsibilities for your organisation and your vendors, to ensure cybersecurity risk is being addressed and managed throughout the OT lifecycle
• Implement network segmentation and apply firewalls between critical networks and systems.
• Use secure remote access methods
• Establish Role-Based Access Controls (RBAC) and implement system logging
• Use only strong passwords, change default passwords, and consider other access controls (especially for any elevated privileges) such as multi-factor authentication, privileged access management solutions, etc.
• Establish threat intelligence feeds from your OT vendors and security vendors to ensure you remain abreast of new vulnerabilities, software/firmware patches and threats targeting systems you employ
• Develop and enforce policies on mobile devices, including strict device controls for any device connecting to OT systems or network zones
• Implement an employee cybersecurity training program
• Establish and maintain rigorous testing and patching program including vulnerability assessment and penetration testing
• Implement measures for detecting compromises and develop a cybersecurity incident response plan with a specific focus on responding to a disruptive attack on your OT environment
• Maintain an up-to-date Business Continuity Plan that can be deployed rapidly in response to a significant disruption

5/5 (1) Last week industry leaders, SAP and Siemens, announced a partnership to bring together their respective expertise on creating integrated and enhanced solutions for product lifecycle management (PLM), supply chain, service and asset management, in a move that is expected to accelerate Industry 4.0 globally.

The partnership between SAP and Siemens aims to develop innovative business models to break silos between manufacturing, product development and service delivery teams to establish seamless customer-centric processes. It will provide users with real-time business information, customer insights and performance data over the entire product development cycle.

As the first step of this agreement, Siemens will offer SAP’s Intelligent Asset Management solution and Project and Portfolio Management applications and SAP will offer Siemens’ PLM suite Teamcenter software for product lifecycle collaboration and data management to manufacturers and business operators across the network – complementing each other’s solutions.

Ecosystm Principal Advisor, Kaushik Ghatak says, “The convergence of the Information Technology (IT) and the Operational Technology (OT) worlds is a must for companies to operate in the cyber physical world of Industry 4.0. Historically, these two worlds have operated in silos. This is a great partnership announcement aimed towards meeting the convergence goals by integrating the capabilities of Siemens (an OT leader), and SAP (an IT leader). Together they would be able to offer an exhaustive set of very valuable offerings in the Digital Supply Chain and Digital Manufacturing domain for customers worldwide.”

Ghatak says, “This is not the first such partnership for Siemens. A strategic alliance between Siemens and Atos has been in place since 2011. In 2018 the alliance was strengthened with plans to accelerate their joint business until 2020, with a focus on building innovative solutions by combining their capabilities. However, the difference this time is that SAP has very a deep and wide set of software offerings in the supply chain and manufacturing domains, which when stitched together with Siemens’ PLM solutions can provide true end-to-end digitalisation capabilities across the ‘Design, Source, Make, Deliver and Plan’ continuum of the value chain.”

Ecosystm Comments

Ghatak, however, cautions that while this is a great partnership announcement between two giants in their respective fields, they will need to collaborate actively on three key aspects for this partnership to deliver value for the customers.

• Product Development. Building-integrated solutions with heterogenous data models is not easy. It will require very open collaboration between their product development teams to identify the use cases and build solutions that can enable seamless information flow and actions across the different software modules owned by each.
• Go-to-market. Going to market jointly will need strong collaboration too. In terms of the agreement on customer account ownership, pricing, sharing of pre-sales resources and so on.
• Implementation. And, last but not the least, it will require collaboration to ramp up the implementation capabilities of the jointly developed solutions.

Checkout insights from the Ecosystm IoT Study.Click on the link below to Access 👇

5/5 (4) Microsoft announced in 2018 that they were investing US$ 5 billion globally in IoT innovation and research for the next 4 years – the focus being on secure IoT, creating development tools and intelligent services for IoT and the edge, and on growing their partner ecosystem.

Last year Microsoft’s industry updates showcased several IoT implementations across industries and their edge-based solutions portfolio, customers and partner ecosystem. The tech giant revealed nearly 150% YoY growth with customers such as Starbucks, Chevron, Walmart, Walgreens, BMW and Volkswagen added to the Azure platform, leveraging IoT services to accelerate their digital transformation journey. Microsoft also announced more than 70 partnerships with some of the big names in the IoT ecosystem, such as  Universal Electronics, SAP, and Cradlepoint to extend solutions and support for the Microsoft IoT business.

Extending IoT Capabilities with Strategic Partnerships

There were several recent announcements which indicate that Microsoft is focused on strengthening their IoT and industry capabilities – and this is a timely move. Ecosystm Principal Advisor, Kaushik Ghatak says, “COVID-19 has brought to the fore the need for managing risks better. And the key to managing risks is to have better visibility and drive data-driven decisions; the sweet spot for IoT technologies. IoT is at the core of the Industry 4.0 story where deep domain expertise in industry verticals is a pre-requisite to success. It is heartening to see that Microsoft is taking the lead in building a powerful ecosystem by developing key partnerships with leading providers of Industry solutions.”

Last week, Microsoft and Hitachi announced a strategic alliance to accelerate the digital transformation of the Manufacturing and Logistics industries across Southeast Asia, Japan and North America. The first solutions are expected to be made available in Thailand as early as this month. Hitachi brings to the table their industry solutions, such as Lumada, and their IoT-ready industrial controllers HX Series. These solutions will be fully integrated with the Microsoft cloud platform, leveraging Azure, Dynamics 365 and Microsoft 365.

The three areas where the Hitachi solution is expected to bring strength to Microsoft’s industry offering are:

• Process optimisation and increased manufacturing productivity. Hitachi Digital Supply Chain and Azure IoT leveraged to analyse 4M data collected from manufacturing sites for visualisation/ analysis of production processes
• Logistics optimisation. Digital technologies such as Azure Maps and Hitachi Digital Solution for Logistics/Delivery Optimisation Service to analyse data on parameters such as traffic congestion, storage locations and delivery locations, to enabling smart routing
• Predictive maintenance and remote assist. HoloLens 2, Dynamics 365 Remote Assist and other smart devices, to empower first-line workers

Ecosystm Principal Advisor, Niloy Mukherjee feels that with projections of 43 – 100 billion IoT connected devices in the next few years, IoT is obviously a hot space. “We can think of IoT as a stack with four layers – the devices/sensors, the connection layer, the cloud and computing layer and the business apps layer. With Azure, Microsoft is very well positioned in the cloud and compute layer and can grab a large chunk of this fast-growing market. Tying with players like Hitachi allows Microsoft to integrate with the business apps layer and perhaps also some devices. It is absolutely the right strategy and I would expect them to go for many more such alliances. With Microsoft’s strength in the enterprise market, IoT gives them a great opportunity to increase their share of cloud workloads with customers.”

Addressing the Challenges of IoT Adoption

Ecosystm research shows that the biggest challenges in IoT adoption are security and integration concerns (Figure 1).

In 2018, when Microsoft started actively focusing on IoT, they also launched the Azure Certified for IoT program to maintain consistency and enhanced interoperability across their device partner ecosystem. This addresses the integration challenges that organisations face when deploying IoT. Microsoft continues to grow their IoT ecosystem, ensuring faster IoT deployments, with hardware and software that has been pre-tested and verified to work with Microsoft Azure IoT services. Last week also saw Cyient joining Microsoft Azure as a certified partner for IoT. Cyient IoT Edge Gateway 5400, their flagship IoT gateway product is now Microsoft Azure Certified for IoT. This is expected to accelerate IoT deployment for Cyient customers and enable a seamless integration of edge devices to the cloud.

Ghatak says, “To scale up their IoT business, Microsoft would need to develop a substantially large ecosystem, beyond few key players such as Hitachi, who dominate at the large enterprise segment of the market. That is where partnerships with smaller and niche industry solutions providers such as Cyient fits in. More niche providers such as Cyient will increase Microsoft’s reach into medium and smaller segments of the enterprise market.”

Addressing the Increasing Threat Landscape

Recent cyber-attack trends and security breach statistics reveal a huge increase in cybercrime activities, in the wake of the COVID-19 pandemic. As the number of IoT sensors, devices and gateways increase, so does the risk of security breaches. As shown in figure 1, cybersecurity concerns are real and can act as a barrier to IoT adoption, despite the benefits that the technology brings. Automated vulnerability management capabilities, that allow risk assessment and patch installation where necessary will see an increase in IoT adoption.

To complement Microsoft Azure IoT security, Microsoft acquired IoT security specialist CyberX, last month. The acquisition will enable greater security for the IoT devices connected to the Microsoft network and will help their customers to gain visibility through a map of devices thus allowing them to gather information on security risks associated with thousands of sensors and connected devices. This will enhance smart grid, smart manufacturing and digital assets and profiles and reduce vulnerabilities across production and supply chain.

Mukherjee says, “The key concern for the expansion of IoT into more and more use cases in the next few years is really going to be security. New areas like VR and AR are emerging from futuristic fantasy to real-world reality. These will tempt many enterprises – but security will be the key concern to address. And so, Microsoft’s simultaneous push on security completely aligns with this. As the Ecosystm MSSP VendorScope results show Microsoft’s strategy on cybersecurity seems to be working.”

Talking about Microsoft’s go-to-market strategy, Mukherjee adds, “Microsoft is obviously spreading its net far and wide for all cloud applications including IoT, to go-to-market with partners. One of the key focus area here is the SME segment, which is forecast to be one of the hot growing segments for IoT in the next few years. The more offerings from the business apps layer that Microsoft integrates, the more they enable their partners to sell to their customers.”