Reports concerning StuxNet first emerged in 2010 — it was a sophisticated and malicious computer worm had been deployed to destroy nuclear centrifuges of Iran such that it would appear as a series of industrial mishaps and operational failures rather than a coordinated attack. It is estimated that nearly 1/5th of Iran’s centrifuges were destroyed in that attack.
That may have been the first major report of an organized attack against industrial controls systems (ICS) but since then the frequency of attacks has rapidly escalated at a global scale. US Dept. of Homeland Security reported that in 2015 such attacks in the US alone numbered ~300. These attacks against critical infrastructure are perpetrated by other governments, competitors or criminals, and sometimes disgruntled insiders — and impact is measured in lost lives, billions of dollars in damages, more billions of dollars in liabilities, and significant data/IP loss.
Unlike traditional cyber attacks, ICS follows different protocols than IP and traditional cyber security solutions are not effective. However, as more ICS come online, they become vulnerable to threats. And by design these attacks are hard to detect, design against and prevent. This is an emerging field in the world of cyber security, and one that we expect will gain quite a lot of attention in coming months/years.
Today, we are proud to announce our investment in Nozomi Networks, a company providing operational visibility and industrial cyber security to major industrial clients worldwide. Lux Capital co-led their $7.5M Series A investment round, and I have joined their Board of Directors along with Glenn Solomon from GGV. As investors in manufacturing industries ranging from satellites in space to autonomous cars, nuclear waste management and advanced chemicals production, we understand the value/ROI Nozomi offers to their clients, and believe we can be partners in helping them grow across industries and geographies — now with offices in both USA and Switzerland.
Edgard Capdevielle, Andrea Carcano, and Moreno Carulloare a phenomenal team. They have a deep background and understanding of complex industrial systems, and fully appreciate how both IT and OT (operational technologies) need to work together to implement solutions to fully harness the value proposition. Andrea and Moreno founded the company in 2013 to utilize advances in machine learning and artificial intelligence to build the core Nozomi platform. They then deployed it across multiple industries in Europe and the US in the form of their first product — SCADAGuardian — and have now brought on board a security industry veteran, Edgard, as company’s CEO to pursue aggressive growth.
Nozomi’s team understands that the value for their customer resides in both securing the networks but also in providing unprecedented operational visibility into the network. SCADAGuardian provides security and anomaly detection, trouble shooting and remediation, automated reporting and compliance tracking, and prevents extraordinary corrective maintenance that can be very costly. For example they have the ability to model entire industrial processes and detect deviations from process profiles, rather than relying on simple threshold violations. Company already has clients in the Oil & Gas industries, Pharmaceuticals, Power & Utilities, and Manufacturing/Transportation. Our diligence quickly showed that their capabilities, and world-view of industrial controls security, was far ahead of competition.
Industrial cyber security market today is estimated to be between $2–3B, and expected to grow to >$10B over the next 10 years. From StuxNet in 2010 to last year’s BlackEnergy attacks against Ukranian power grid, this problem is not going away, and only expected to require more sophisticated technologies to defend against such distributed attacks. Nozomi Networks will have more exciting team and customer related announcements to make in coming weeks/months, but in the meantime I recommend those interested in learning more to check out their case study on Enel Power Company, as well as analyst profiles from 451 Research and Lux Research.