Sales of cyber security products for smart grid industrial control systems (ICS) are set to exceed $600 million in 2020, up from $369 million this year, as “the cost of complacency becomes more apparent”.
Such is the headline finding of a new study by Pike Research, which predicts an increase in cyber-security deployments over the next two years as utilities grow better informed about cyber risks to grids and substations.
Nevertheless, security is still viewed as a cost-limitation exercise by many utilities, says Pike, while advances towards any meaningful regulations remain halting.
“The shallow growth curve for ICS cyber security through the remainder of the decade reflects utilities’ historically measured approach to technology upgrades—the focus on reliability trumps any abrupt shift to the next great thing,” said senior research analyst Bob Lockhart.
“Despite the improved awareness of potential threats and risks, many utilities remain reluctant to allocate security funding beyond that needed for compliance minimums,” he said. “That will change as the technology improves, prices go down, and the cost of complacency becomes more apparent.”
According to Pike, the cyber security market suffers from a lack of innovation, while vendors disagree on the right approach.
While some have been working on full cyber security solutions for entire control networks, other have been taking what Pike calls “a more tactical approach” and addressing specific problems.
What’s more, those deemed ‘general-purpose’ security vendors have not seen the growth they were expecting, while specialists in control systems security have been receiving more requests for proposals than ever.
Pike urges the vendors to align their discussions with utilities around solving operational and business problems, rather than technical concepts.