Greater Digitalization Requires Greater Cyber Security
As was again highlighted very recently with the WannaCry attack, cybercrime represents a real danger. However, this should not stop any company from continuing to focus on digitalization. G+D offers, and is continually refining, pioneering security solutions to protect data, machines, and infrastructures against attack.
People can communicate with one another everywhere and at any time – certainly since the invention of the cell phone at the latest. However, all types of machines do so as well. Rescue helicopters provide their headquarters with information about engine status, industrial robots issue mutual warnings if they get too close to one another, and even autonomous driving wouldn’t be possible without machine-to-machine technology.
The benefits are clear: companies have direct access to all components on their production paths, promptly detect pending failures, and can control their factories on a centralized basis. The public sector can make administration more efficient by making an increasing number of processes digital. And as soon as the technology is ready, the driverless car will also reduce the number of accidents on the road because machines make far fewer mistakes than people – if they make any at all.
However, the global WannaCry hacker attack showed how vulnerable companies, hospitals, and public authorities are if they do not have sufficient protection. The G+D portfolio includes security solutions for all digital challenges, and to this end the company transfers experience from the financial and state sectors – which have very high security requirements – to other industrial sectors.
Play it Safe with Industry 4.0
The Next Level of Industrialization
We are currently living in an interim era. We already benefit from the advantages of digitalization, but we are not all aware of the dangers – and at the same time, expertise in useful cybersecurity measures has not yet become common knowledge.
This also applies to industrial companies that want to take a step toward Industry 4.0, but are still delaying primarily due to security concerns. However, it would be fatal for them not to make use of the next stage of industrialization. Experts estimate that productivity can be increased by up to 30% with Industry 4.0 applications – making it undeniably worthwhile to invest in security solutions.
Dr. Christian Schläger, Head of Product Management at Giesecke+Devrient Mobile Security, is aware of these discussions with companies across the globe: “No one should postpone digitalization because of security concerns, because at some point it will be too late. Our solutions provide the required machine visibility, process transparency, and secure communication, meaning that Industry 4.0 functions in a responsible way.”
No one should postpone digitalization because of security concerns.«
Secure Industrial Visibility
The name of the solution from G+D is “Secure Industrial Visibility” (SIV). Behind it, there is a smart box with a secure operating system and a piece of software that enables remote access to individual machines while also protecting them against cyber attacks. “SIV makes it possible to segment machines – that is, to properly encapsulate them using a firewall,” explains Dr. Christian Schläger. “This machine, which is now smart, enables updates, predictive maintenance, and the detection of anomalies.”
This means that an intelligent factory with SIV can independently recognize instances of unauthorized access because it learns to make a distinction between normal access and unusual traffic. In contrast to standard VPN connections, SIV works in “stealth mode”, meaning that the machines’ IP addresses cannot be identified from outside. “This means that we are significantly reducing the area open to attack,” emphasizes Schläger. “However, we are not a manufacturer of individual components. Instead, we offer a complete managed security service for Industry 4.0, which also includes risk analysis. As is also the case with insurance, it is necessary to determine and implement the appropriate degree of security.”
Safe Driving in the Digital Age
Secure Networking for Connected Cars
Connected cars are still on the rise. The development of autonomous driving, which would not be at all possible without machine-to-machine communication, is a significant factor in this respect. However, features that are already current today, such as intelligent fleet management and automatic emergency calls, require a “connected car”. All new cars in the European Union have to be fitted with an eCall function from 2018 on, so that they are enabled for automatic calls for help in the event of an accident. This requires a cell phone connection, which will also be required in every car.
G+D has developed a piece of technology in this area that makes the process simpler. With eSIM management, car manufacturers are able to install a fixed, neutral SIM card ex-works, which can then be personalized for the network operator of choice at a later stage. This significantly reduces the level of expense as it is no longer necessary to process a variety of network operator SIMs. eSIM management enables updating, and changing network operators, for entire fleets by means of remote access. BMW is one of the first manufacturers to put this system in place, and its connected vehicles have been equipped with the technology since 2016, making it possible to manage them efficiently.
In addition, G+D is working on a secure communication path for sending data to and from the car in the form of the “Automotive Security Gateway”. This is important for telematics services for preventing unauthorized access to data, as well as for preventing potential hacker attacks, e.g. as a result of software updates, on a car that will in future be self-driving.
According to Statista, the trend towards connected cars will just keep growing. Approximately 43 million connected cars are on the roads in 2017 – this figure will rise to more than 190 million in four years. With G+D, manufacturers can ensure that digitized cars provide security by design from the outset.
Cyber Security for Europe
International Security Strategies
The WannaCry attack demonstrated that governments and public authorities need to adjust to entirely new forms of cyber attack which can even bring hospitals to a halt, and which can therefore disrupt a country’s infrastructure. The hacker attacks on elections, such as in the USA in 2016, are a serious threat and prove that individual cyber skirmishes between states are apparently becoming the norm.
Wolfgang Ischinger, Head of the Munich Security Conference, warns that “weapons of mass destruction” will now be followed by “weapons of mass disruption”. In his opinion, a new security strategy is needed for the digital age.
Security partner of the Federal Government of Germany
secunet, a business sector of G+D, has been the IT security partner to the Federal Republic of Germany since 2004, and developed the SINA secure inter-network architecture on behalf of the German Federal Office for Information Security (BSI). This enables the secure processing, storage, and transfer of sensitive data, and allows many different confidentiality levels within a single system. In addition, secunet is one of the founding members of the European Cyber Security Organisation, which has the objective of strengthening European cybersecurity on behalf of the EU.
The SINA encryption solution is a central component within secunet’s extensive service portfolio. Not only does the solution cover the safeguarding of digital communication, but also the protection of e-government applications, the establishment of identity management systems, and tailored IT security solutions for critical infrastructures and organizations with sovereign responsibilities, such as domestic security defense.
With the right protection, we can be equipped for the digital future, and there will be no consequences from cyber attacks such as WannaCry.