Why cyber security is a crucial part of ABB’s DNA
Technology research firm Juniper recently estimated that criminal digital data breaches will cost businesses a total of $8 trillion over the next 5 years as Internet connectivity increases at such a fast pace that enterprises have problems to keep up and to roll out cyber security measures.
Juniper Research said that personal data records, stolen by cyber criminals will almost double to 5 billion in 2020 from an estimated 2.8 billion in 2017, highlighting that cybersecurity problems are becoming particularly acute when businesses integrate new and old systems without regarding overall network security.
It is clear cyber security is here to stay and is becoming more and more important. ABB has an installed base of 70 million connected devices, 70,000 digital control systems and 6,000 enterprise software solutions. It is a trusted leader in the industrial space, and has a four-decade-long history of creating digital solutions for customers.
Security is part of ABB’s DNA. It always was because our customers are in critical businesses such as oil and gas, power generation and distribution. The slightest interruption in these activities can have massive consequences for economic activity and the environment. Because of its close relations with customers in very sensitive sectors and locations, cyber security has naturally become a key element of our business long before security breaches were making the headlines as they are doing at the moment.
ABB has been benefitting from its close relations with its customers. Our technicians work with them to install, optimize and maintain their equipment, which is why they know what our customers need. We have been developing solutions to protect digital infrastructures in very close cooperation with our customers. And we are still doing that. Especially in the oil and gas industry as well as in generation and distribution of electricity. These cyber security projects go back more than a decade.
Based on customers’ feedback our local units and divisions developed new cyber security solutions and this has resulted in a rich portfolio. Hands-on and focused on solving concrete problems.
Then the cyber security breach at the Natanz uranium enrichment plant in Iran happened in 2010. It came to be known as Stuxnet. Centrifuges, used to enrich uranium were failing at an unprecedented rate after a virus had entered the plant’s computer network. It was a wake-up call for the entire industry, for the whole world.
Our equipment was not compromised, but the incident triggered a process of internal reflection and investigation. Not only at ABB. Stuxnet made clear that any company could have been hit and it exposed the potential vulnerabilities of any device.
At ABB we started a process of scaling-up from the local and divisional initiatives to group level. We benefitted from the hands-on knowledge we had, making it easy to implement and prevent making mistakes. Many of the solutions that were created in what currently is our Power Grids division were implemented on a group level.
Our Group Cyber Security Council was created in 2011. It evolved into a body that enables a constant strengthening of ABB’s operational readiness, while keeping a high level of internal cyber security awareness. ABB’s cyber security organization includes experts from various backgrounds, ranging from R&D, IT infrastructure, legal and communications in order to cover all the bases.
The council also participates in standardization efforts such as Platform Industrie 4.0 and the Industrial Internet Consortium. It works with dozens of universities. The council makes sure that measures are implemented according to the same standards across the entire company and that our suppliers are at the same level of security as we are.
Over the years cyber security has become an integral part of ABB’s product portfolio. It is taken care of in every phase, from design and development to maintenance and support of any product. A few examples of what ABB is doing to increase reliability and security of its solutions:
- Threat modeling and security design reviews
- Security training of software developers
- In-house and external security testing as part of quality assurance processes.
What has already happened in the IT sector, is now in process in the area of industrial-control-system cyber security. It will become an integrated part of daily life with automated software updates, security patches and antivirus updates to thwart a growing number of threats. ABB is ready to enhance security features on a constant basis through innovations and to provide the right products to meet security needs of our customers’ critical infrastructure.
ABB has always taken its customers along this journey. It is a testimony to ABB’s security that this approach has become standard within the company. By getting involved at an early stage and working closely with customers, maximum output will be achieved. That has always been the core of our more-than 130-year history. And it will be in the future. To know more, to do more, to do better, together. Especially in cyber security.