From designing new drilling platforms with 3D modelling software to storing critical production data on servers, not to mention confidential emails shared between senior executives, cyber security is becoming increasingly critical to the offshore industry.
As incidents of intellectual property, production shutdowns, and data leaks engineered by an ever growing collection cyber-terrorists and state-backed hackers continue to dominate the news cycle, the potential for disaster is laid bare.
Against this backdrop, and largely because of it, the world’s largest defence contractor Lockheed Martin moved to buy up the niche cyber security firm, Industrial Defender. The company, which has built up a strong line in securing critical infrastructure assets such as offshore platforms, will now add its 130 staff to Lockheed’s 115,000 and it may draw on its parent company’s financial and commercial success to try and take its offering to the next level.
Cyber security expert and director at Pierre Audoin Consultants, Duncan Brown explains why Lockheed Martin opted for Industrial Defender and what the future holds for securing offshore assets.
Adam Leach: What was the main driver behind Lockheed’s decision to acquire Industrial Defender and step up their involvement in the oil & gas sector?
Duncan Brown: Oil and gas is a key part of a nation’s critical infrastructure, which is increasingly being subject to cyber attacks. So it makes sense for Lockheed to expand its capability in that sector. More generally, all cyber security firms are expanding through acquisition, as they scramble to establish market share and grow their resource base.
AL: Why were Industrial Defender seen as a more attractive prospect than other firms operating in the market?
DB: There are clearly many reasons why one company would acquire another. Skills, IP, geographic or industry focus, and of course affordability. There are plenty of companies in the cyber security space that are being targeted for acquisition, so this is not the first such transaction and it won’t be the last.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataSaudi Aramco is back in business after clearing 30,000 of its computers of a malicious virus, but the attack should serve as a stark warning.
AL: Is this likely to be the first in a series of acquisitions in the cyber security space by Lockheed?
DB: M&A is high on the agenda as players scramble to build their capabilities. We have already seen several big acquisitions this year, and we know that are several more in the pipeline. So it’s not surprising to see Lockheed joining in, and it would not surprise me if there were further transactions to follow.
AL: What acquisitions have been made by the other large defence contractors, such as BAE Systems and Airbus, in the area of cyber security?
DB: BAE Systems acquired Detica, now called Applied Intelligence, in 2010. Airbus has previously purchased Netasq in 2012 and Arkoon in 2013.
AL: How does the acquisition alter Lockheed’s standing in the cyber security and in particular the offshore cyber security market? Which company is leading the way?
AB: Lockheed is particularly strong in Defence. This acquisition gives it more credibility and penetration in the commercial sector. The main competitors in the commercial sector include CGI, IBM and Deloitte, though there are more than 20 players capable of providing cyber security at a global level and many more that operate in local markets.
AL: What has given rise to the increased interest in cyber security in the offshore industry?
DB: Simply, it is being attacked. The offshore industry is part of the critical national infrastructure and as such represents a prime target for cyber terrorists, IP theft and nation state threat actors.
Fours years after Deepwater Horizon and a bill to protect offshore oil and gas whistleblowers is still waiting to be enacted.
AL: How is the offshore cyber security market expected to perform in the next five years?
DB: The offshore market will grow in line with the overall enterprise sector. We estimate that the growth in cyber security will exceed 6% per annum, which is twice the rate of the IT market as a whole. Within this growth there are several hotspots growing at double-digit rates, including managed security services (MSS) and threat intelligence.
AL: What are the emerging cyber security risks for the offshore sector?
DB: Continuity of supply is the main risk. The offshore sector supplies energy and/or fuel, the lack of which would severely impact any country’s economy and political stability. CNI is at the top of most nations’ cyber security risk profile. It’s important to note that the type and nature of threats is always changing.
For example, the offshore industry is a heavy user of mobile technologies, and these are increasingly being attacked by threat actors. Industrial control systems were originally built as stand-alone systems, but now many are being connected to the Internet, which exposes them to side-effects.
AL: What other services might firms like Lockheed look to add to their cyber security offering?
DB: Incident response is a key growth area. These days, most experts agree that a cyber breach is inevitable: a question not all if not when. Responding to a breach quickly and effectively, to minimise disruption to service is critical. In addition, the reputational damage to a firm could be immense so managing relationships with customers, regulators and the media is vital.
AL: What other security firms might be acquired by large defence companies in the offshore space?
DB: Specialist firms that deal in security for ICS are an obvious target. But more generally, security technology firms that focus on mobility and securing the Internet of Things (IoT) will be important. IoT will be a critical technology in the next few years, as sensors will be increasingly connected to the network using IPv6. This machine to machine (M2M) technology will rapidly increase the visibility and effectiveness of infrastructure, but at the same time will increase exposure to cyber threats.