A new report from Pike Research, investigating the cyber security for the smart grid industrial control systems (ICS) market, predicts that it will grow to $608 million by 2020. Currently, spending and investment is topped $369 million this year, but it hasn’t slowed. Part of the reason for the growth is the emergence of high-profile attacks and vulnerabilities in the ICS segment.
Security for smart grids has been a reoccurring news topic for years, but talk about protecting the nation’s grid is about as far as the topic gets – innovation has been stagnate.
According to Pike, smart grid cyber security has weak investment drivers, dominated by regulatory compliance. Threats and vulnerabilities are many and well-known, but in the absence of legal mandates utilities have been slow to act. However, thanks to high-profile events such as Stuxnet, Duqu, and Flame, utilities are paying more attention to the topic, and are looking to invest.
For the record, when addressing the topic of smart grid ICS investments, the Pike report includes energy delivery as a whole, such as transmission upgrades, substation automation, and distribution automation applications.
“Efforts to secure these control systems have historically focused on physical protection and isolation. However, newly developed techniques to operate control systems more efficiently and more profitably rely heavily upon modern IT-enabled devices, often invisibly embedded within control systems. These devices introduce an unprecedented level of cyber risk to control networks. The market for cyber security for control systems is emerging, but slowly,” Pike’s report explains.
The vendors have a role to play too, the report adds, because while security firms are seeing more RFPs than ever, they need to orient their discussions with utilities around solving operational and business problems, not technical concepts.
“The shallow growth curve for ICS cyber security through the remainder of the decade reflects utilities’ historically measured approach to technology upgrades—the focus on reliability trumps any abrupt shift to the next great thing,” says senior research analyst Bob Lockhart.
“Despite the improved awareness of potential threats and risks, many utilities remain reluctant to allocate security funding beyond that needed for compliance minimums," Lockhart continued. "That will change as the technology improves, prices go down, and the cost of complacency becomes more apparent.”
The report profiles key providers of control systems cyber security, and provides detailed analysis of the market by smart grid application, by region, and by type of control system technology, including human-machine interfaces, control consoles, telecommunications, and device controllers.