The market for industrial cybersecurity products totaled $782 million in 2015 and it’s expected to grow at a compound annual growth rate (CAGR) of 18.8% to reach $1.8 billion in 2020, according to the latest “Industrial Cybersecurity” report by Brian Arbuckle at IHS Technology.
While the oil and gas sector is an important consumer of industrial cybersecurity hardware, software and services, the report found that spending on cybersecurity has been curtailed by recent declines in oil prices and plunges in oil company revenues. This revenue loss may devalue production assets, and undermine business cases for security protection.
Though regulations and potential future legislation support investment in cybersecurity, and though oil and gas is a critical sector that should have secure cybersecurity infrastructures, many of its systems are poorly protected against cyber-threats and attacks. At best, Arbuckle reports oil and gas cybersecurity systems are secured with IT solutions that aren’t well adapted to SCADA and legacy control systems. Aging legacy control systems from diverse suppliers and the geographic dispersion of assets present challenges to operators for even routine measures such as installing software upgrades.
Meanwhile, industrial cybersecurity attacks are increasing the likelihood of serious intrusion and loss. Middle East oil producers were previously targeted, and they’re responding by securing assets under the guidance of legislation, including new laws covering critical infrastructure for Oman, United Arab Emirates (UAE), Qatar and Malaysia. Critical infrastructure includes assets in the oil and gas, power generation, water and wastewater, and petrochemical refining industries.