User Manual

ManualsBrandsSiemens ManualsBuilding automationBuilding automation and control systems - System Catalog 2016

> White Paper | Best Practices in Digital Transformation

Security

Introduction

Breaches of data center security are reported regularly in the media

although these breaches are likely to be only the tip of the iceberg

as companies are reluctant to publicise failures. Those reported

indicate that the ﬁnancial costs of disruption can be considerable.

The CEO of British Airways put the cost of a power outage that led

to the cancellation of hundreds of ﬂights in May 2017 at around BDP

80 million (around USD 100 million). The July 2015 suspension of

trading on the New York Stock Exchange for three and a half hours

cut the number of shares traded from a ‘usual’ 600 to 700 million

down to 444 million. The Ponemon Institute/IBM Security study

estimated in 2017 that the average cost of a data breach among a

sample of 419 companies was USD 3.62 million. It estimated also

that the probability of a breach over the next 24 months was 28%

for these organisations.

In addition to loss of revenue, the cost of a security breach to an

organisation can encompass the costs of repairing and upgrading

systems, of customer notiﬁcation and the settlement of legal

action. In the case of MTDCs there may be legal action if the

breach breaks the SLA and contract between the provider and the

client. The loss of reputation and brand can be incalculable, while

the loss of market valuation can be highly damaging. Data breach

may also result in heavy ﬁnancial penalties – non-compliance

with the EU’s General Data Protection Regulation can lead to ﬁnes

of up to 20 million euros (around USD 24 million) or 4% of global

annual turnover. Simple math suggests that this may, in worst case

scenarios, mean a shrinking company or closure.

Attention to security underpins everything that an organisation does

across its IT and operational activities.

The provision of digital, information and physical security measures

by the MTDC providers needs to meet new threats which are

continually striving to outﬂank the means of protection and which

may gain greater traction through the increased IT dependence that

digital transformation brings. For the MTDC, the data center is not

an enabler, it is the business core and therefore there is an added

factor. Security provision cannot compromise the agility of the data

center through sheer weight of capacity requirement. Therefore

the thinking behind the security requirements of the new digital era

needs to change from one that is based on the all-out protection

of a barrier to one that is more strategic and based on intelligent

technology.

Figure 13: The Security Landscape

Digitalization

new business

models/

ecosystems

Extended

us of OT

Assets

Mgmt & tracking

Identity

Management

Risk Mitigation

Regulation

...others

Network Security

Dependencies

on connectivity

IOT Security

Outsourcing

On premise &

cloud - mixed

architectures

Safety

Reliability

Complexity &

dependencies

Skills, resources

Digital Security

IT Security

OT Security

Physical

Security

Source: Siemens 2017