< PreviousResource drain Traffic decryption is a resource-heavy activity and, as a result, performance suffers in a variety of areas. As traffic heads towards the network boundary, the firewall has to stop that traffic in order to decrypt and inspect it. This increases the CPU load on the firewalls, which can be overwhelmed by the sheer scale of traffic they have to decrypt. In turn, this has a deleterious effect on network performance due to the increased amount of compute resources that have to be used and thus, more latency is introduced. Some organisations even choose to turn DPI functions off entirely for their firewalls, setting the stage for much larger problems down the line. There is often significant redundancy in this process too. Organisations will often use a variety of tools to cover different areas of their cybersecurity. By having multiple tools decrypt the same packets and traffic, they multiply the resource drain the traffic decryption already introduces. This ultimately creates bottlenecks and contributes further to the aforementioned latency and performance problems. Packet loss Packet loss is often an unfortunate side effect of DPI traffic decryption. Because traffic decryption has to stop packets in their tracks to inspect them, incoming traffic can become congested. When the incoming traffic pipe gets held up by this often-cumbersome process - packets get lost. Because the network is dealing with more traffic than it can handle, packets will often be discarded or ignored entirely. This can get especially bad during peak hours when traffic is already at its height. Ethical privacy concerns Traffic decryption often risks violating various ethical rules and regulations around privacy. Because organisations can’t tell what's actually in the packet before they decrypt it, they could accidentally expose personally identifiable information, including health records or credit card data as well as other compromising details, thus breaching the personal privacy of the data subject. That breaks a fundamental element of trust that should exist between users and organisations and opens up broad scope for abuse. Some companies have even used DPI to collect data which they then used for advertising, prompting an outcry from consumers and privacy advocates alike. Compliance Even if organisations don’t care about breaching their customer’s privacy, regulators do. Many regulations set strict boundaries around this kind of activity. The EU’s General Data Protection Regulation (GDPR), for example, introduces strict rules around encryption and the protection of personal data. Both PCI DSS - a card payment industry regulation which governs data use - as well as HIPAA - a US regulation which governs healthcare data - severely restrict the use of decryption or disclosure of personal data under certain conditions. The US state of Texas has even forbidden the decryption of personal data since 2017 unless that act has a legitimate business purpose. These would all be easy to comply with if organisations already knew what was contained within the packet CYBERSECURITY www.networkseuropemagazine.com 70As a result, many organisations are moving away from DP and towards other methods to cover this area. Deep Packet Dynamics (DPD) is emerging as a way to avoid the pitfalls of DPI decryption. Behaviour vs payload The reality is that to detect attacks and performance problems, behaviour is often a better marker than direct packet inspection. DPD illustrates exactly that point. DPD uses metadata, behavioural profiling and fingerprinting techniques to spot abnormal behaviour and reveal threats within encrypted traffic, without needing to decrypt. Instead, DPD monitors behaviour. It looks at network traffic, using behavioural analysis to collect information about network connections. While DPD does not decrypt packets, it does capture header information and enriches it with other behavioural data and traditional flow tuple information like IP addresses, ports and protocols. DPD’s behavioural analysis, for example, will alert security teams when large amounts of UDP traffic flow between a communications application and an internal accounting application, signifying suspicious behaviour. Machine Learning algorithms often supplement this functionality by analysing metadata and behaviour to understand the nature and type of threat that might be approaching the network. For instance, it can compare the details of an HTTPS session against known attack patterns from phishing websites, thus establishing whether this behaviour is a phishing attempt. With this, comes greater opportunities for intelligent packet capture that makes data storage more efficient. When IT teams realise that a particular packet is not malicious, they have no need to store it and so only need to retain certain parts of the packet that might be useful for forensic analysis later down the line. In turn, this can make organisational data storage vastly more efficient and longer lived than it might otherwise be. DPI has often been an important part of traffic monitoring and security. However, as the nature of traffic changes - it introduces greater and greater burdens upon its users, compromising the objective for which it was employed in the first place. Many organisations are finding that the latency, performance degradations and privacy infringements that so often accompany DPI traffic decryption are too high a price to pay. In turn, they’re realising that packet payloads matter less than they once thought and turning to behaviour analysis in the form of DPD. they wanted to decrypt. Unfortunately, the only way to know is to decrypt, thus potentially thrusting them into non-compliance. Without the necessary legal know- how, organisations may find themselves in violation of regulations. From DPI to DPD DPI often means that organisations have to effectively launch Man In the Middle attacks on their own packets. Doing so introduces latency and inefficiency to a process that is supposed to preserve network performance and violates privacy in a process that is meant to preserve it. In short, DPI fails on its own terms. CYBERSECURITY www.networkseuropemagazine.com 71Facing the Hidden Threats: The Increasing Importance of Cybersecurity for Utilities CYBERSECURITY www.networkseuropemagazine.com 72This convergence marks the shift towards Electricity 4.0, an integral transition to moving towards a more sustainable world. Ultimately, we want to build smarter, more resilient, and more efficient electrical grids. However, this comes with a set of risks, cybersecurity being chief among them. The dark side of digitalisation The need for cybersecurity has grown significantly with the expansion of smart grids. This is primarily a result of increased digitalisation, better connectivity, and third-party stakeholders. While largely beneficial overall, the integration of IT and OT domains exposes smart grids to cyberattacks in a unique way. Before the emergence of Electricity 4.0, legacy equipment and devices were previously designed without the intention of connecting to broader networks. This legacy equipment is now exposed to contemporary threats, opening a window of opportunity for attackers. Since it is often financially unfeasible for companies to simply replace old equipment with newer models, organisations must utilise equipment that lacks the processing power to facilitate additional cybersecurity measures, while newer models are required to offer continued support for legacy software still relying on outdated security measures. In the last few decades, technology has advanced at previously unimaginable speeds, with the digitalisation of the grid both a driver and beneficiary of this shift. David Hall VP Power Systems Schneider Electric Threats: of CYBERSECURITY www.networkseuropemagazine.com 73Ultimately, these changes have increased the surface area for, and potential scale of, attempted cyberattacks, with many large power companies now potentially facing millions of malicious systems threats each day. Experts now argue it is no longer a question of if, but when a company will experience an attack. The energy sector was the most attacked industry in the UK in 2021 (representing 24% of all cybersecurity incidents), with only the banking sector spending more on average per year tackling cybersecurity than utility companies. The UK was one of the top three most- attacked countries in Europe in 2021 and the potential cost of cyberattacks on London’s electricity grid alone could reach up to £111 million a day. Ensuring that the electrical system can continue to operate in real-time and provide a reliable service with full availability to consumers must be prioritised. Building your best defence against cyber threats It is important to stress the severity of a cyberattack on electricity systems. They can damage an organisation’s safety, utility and customers, as well as the broader electricity system, economy and environment. Now, in an era of crisis, rising costs and pressure on the energy industry, how can organisations best deal with these threats? The most crucial aspect of any cybersecurity effort is the realisation that new threats are constantly emerging and evolving; effective cybersecurity should be considered an ongoing process, not a static tick- box exercise. Utility companies must have a robust cybersecurity strategy that is adaptable over time and backed up with a recurring annual investment. Organisations must also integrate third-party risk management into the overall risk management program to maximise the effectiveness of any defence; currently, only 15% of organisations worldwide do this. Critical areas for firms to be aware of when designing effective security include extensive employee training, stout physical cybersecurity practices and equipment, utilising ‘secure by design’ principles and employing an automatically assumed position of ‘Zero Trust’. Measures such as these ensure minimum standards are consistently applied to new and current installations. CYBERSECURITY www.networkseuropemagazine.com 74The aim is to future-proof and facilitate a shift from legacy, perimeter-centric models of information security to Zero Trust microparameters, which grant access to isolated parts of the network, making it more secure and resilient overall. Our solutions are built using the ‘Secure Development Lifecycle’ (SDL) principle and revolve around four essential steps: • Permit – Access to the network is subject to safety measures such as authentication, authorisation and physical identification. • Protect – The network is protected from malware and viruses and can have some advanced protection tools installed. • Detect – Issues in performance, anomalies and intrusions should be detected as soon as possible to allow an adequate response. • Respond – Once a cyberattack is found, incident response is activated, and forensic investigations are conducted. If needed, recovery can be made from a backup. Is there a silver bullet solution to security? Ultimately, there is no one-size-fits-all approach to cybersecurity, and it is impossible to guarantee the total prevention of cyber breaches completely. Energy companies face various challenges when dealing with cybersecurity, including long investment cycles, the convergence of the IT/OT environments, the homogenisation of products, the increasing integration of third parties and vendors and a widening skills gap. Nonetheless, investing time and resources into securing your cyber environment is necessary for any business, particularly those that run critical infrastructure like electrical companies. The first step in achieving this is understanding your cyber environment and what is needed to shift your business from a reactive prevention model to a proactive one. As we move into and through the Electricity 4.0 era, in which official standards are the minimum requirement and not the height of ambition, utilities companies and their customers need the reassurance of a cybersecurity strategy that provides thorough protection against malicious attacks. CYBER SECURITY www.networkseuropemagazine.com 75The growth of the global data centre industry shows no signs of slowing down. One might have imagined that energy supply volatility and the accompanying global energy price increases, ongoing supply chain disruption, growing skills shortage and the increased focus on sustainability, all combine to negatively impact the industry’s digital momentum. But that’s simply not the case. Is Africa the New Data Centre Frontier? DATA CENTRE FRONTIERS www.networkseuropemagazine.com 76Despite the many financial and operational challenges facing data centres, the sector continues to expand, with an increasing emphasis on secondary markets, edge and remote facilities – all of which is perhaps best typified by the significant opportunities evolving in the African continent. There’s a huge new wave of data centres opening, and existing facilities being expanded, in secondary regions and locations across the globe. The obvious benefits of the Nordics – with relatively inexpensive, plentiful renewable energy a major attraction, alongside recently opened extra connectivity routes and capacity – are increasingly being realised by more and more organisations. Major European cities such as Berlin, Warsaw, Milan and Vienna are also seeing relatively high levels of investment, either in response to the high prices commanded in the principal European data centre locations and/or as specific industry ecosystems demanding the appropriate data centre infrastructure be located close to their business activities. Underlying all this data centre market activity is, of course, the unstoppable momentum of digital transformation. Consumers demand ever higher levels Stavros Spyropoulos Business Development Manager Subzero Engineering w ontier? DATA CENTRE FRONTIERS www.networkseuropemagazine.com 77of digital performance, and this means that the data centre industry is having to respond to meet this demand. In practical terms, this means more data centre capacity, faster connectivity and higher compute densities. At the same time, environmental pressures, with net zero the end target, are adding a layer of expectation to data centre owners and operators. The good news is that the industry is responding successfully to this twin digital and sustainability challenge, with operational agility and technology innovation very much to the fore. Add in the burgeoning secondary/regional/edge market and there is, perhaps, no better example of how all of these factors are shaping the global data centre industry right now, than in Africa. Into Africa Intriguingly, the continent has very little of the legacy infrastructure ‘baggage’ that acts as something of a constraint on innovation in the mature data centre markets. This means that there’s a very real opportunity to go back to the drawing board and decide what a data centre should look like in terms of location, energy supply, connectivity options, design and construction, power and cooling – virtually every aspect of the supply chain. With the obvious caveat that there are significant business challenges in the region. Financing projects is the first obstacle to be overcome – although market entrants with a track record (and finances to match) in established markets are less exposed to this issue. There’s also the question of sourcing the appropriate level and quantity of skilled labour at all stages of a data centre project. Supply chain logistics across the continent can be challenging and we can’t avoid mentioning the geopolitical instabilities which can cast a shadow over the data centre opportunity.However, set against these possible drawbacks, the sheer size and scale of the African data centre market is so enormous, that it’s inevitable that the increasing trickle of activity will become more of a torrent over the next few years. The African region is complex and does not have a one-size-fits-all. With 54 countries, there are nearly 2000 languages spoken and over 80% of the population does not currently have access to electricity. Yet this same population is starting to mature in its need for digital services, be it consumer or enterprise. Over 70% of the population in many African countries are under 35 years old, so the demand for all things digital is growing at a fast pace. Africa and the Middle East are projected to be the fastest-growing regions in terms of internet user numbers in the coming years. As broadband usage and download speeds increase, data consumption is boosted, meaning demand rises. For example, commercial 5G has been rolled out in Kenya by Safaricom, along with Nokia boosting digital initiatives such as IoT and big data increasing the demand for data centres. Additionally, Africa also has a growing IT outsourcing market - the fast-growing economies, relatively low-cost labour force and improving IT infrastructure make it a very attractive region for investment. Presently, it is estimated that Africa needs around 1000MW power capacity and 700 data centres to meet demand. And there are increasing signs that this major market opportunity is being addressed by a variety of data centre owners/operators. DATA CENTRE FRONTIERS www.networkseuropemagazine.com 78For example, Africa Data Centres, part of the Cassava Technologies Group, a pan-African technology group, is building a 30MW data centre facility in Accra, Ghana. The new facility will lay the groundwork for the company’s hyperscale partners to expand digital services and solutions to more countries in West Africa. Equinix is also expanding into Africa through its acquisition of MainOne, a West African data centre and connectivity solutions provider, with a presence in Nigeria, Ghana and Cote d’Ivoire. The Raxio Group, a pan-African developer and operator, is establishing Raxio Tanzania, said to be the first ‘state of the art’, carrier-neutral, Tier III data centre in the country. These are just a few of the many data centre-related projects currently being planned and/or executed across Africa and thanks to the strategic importance of such countries, for the oil and gas and financial sectors, in particular, data centres are far from being a brand new concept to the continent. Conclusion When one considers the growing number of data centres required to satisfy the digital demands of Europe’s 746 million citizens, it is no wonder that the African opportunity looms large for data centres, including remote and edge. Yes, there are significant challenges to be overcome. But many of these challenges are also major opportunities to think differently, to build and operate data centres in new, sustainable ways, to harness technology innovation to achieve significant efficiencies when compared to many legacy data centres and, above all, to bring reliable digital services close to African consumers. DATA CENTRE FRONTIERS www.networkseuropemagazine.com 79Next >