cybersecurity
Ransomware attacks on critical infrastructure are on the rise. Late last week, Colonial Pipeline was hit with a ransomware attack that shut down over 5,000 miles of U.S. pipeline. This section transports around 2.5 million barrels of diesel and gasoline a day, and accounts for almost half of the East Coast’s fuel supply. A few days earlier, attackers targeted Volue, a Norwegian company that provides technology to water and wastewater facilities in 44 countries. Colonial Pipeline reportedly paid a $5 million ransom – using cryptocurrency.
Ransomware attacks are usually focused on data exfiltration, followed with a threat to encrypt the data, and/or release it to the public unless payment is made – often in the form of cryptocurrency. Ransomware attacks are skyrocketing – up by more than 300 percent in the past year in the U.S. alone, according to the U.S. Department of Homeland Security.
Neither of these most recent attacks appear to be worst-case scenarios like what happened to a U.S. water utility last year when attackers took control of an industrial control system. But the implications are still enormous. In the case of Colonial Pipeline, panic-buying is leading to fuel shortages across the U.S. Eastern Seaboard. And, in the case of Volue, 200 Norwegian water municipalities were impacted.
While ransomware attacks can come from a number of vectors, the most frequent is phishing. Someone clicks a link, which infects their device and gives extortionists a pathway to do their work. This is why demand for security services is exploding and why enterprise dollars are flowing in this direction. As we discussed a couple weeks ago, enterprise security spending per employee increased by over 40 percent from 2019 to 2020. Security spend as a percentage of overall IT spend is increasing as well (see Data Watch).
Managed security services focused on SOC/SIEM operations are seeing steady demand. While these engagements tend to be smaller – between $2 and $3 million in ACV – we are seeing them grow to upwards of $5 million as enterprise buyers increasingly broaden the scope to include things like data loss prevention and identity governance. | | |
|
deal activity
- Hitachi ABB Power Grids and HCL. Energy joint venture breaks away from legacy IT organization. Link
- Britvic and Infosys. European soft drink maker streamlining apps, cloud and workplace services. Link
- NHS Scotland and AWS. Agency finds host for its National Digital Platform. Link
- Hansel Ltd. and CGI. Finnish government signs framework agreement for data center services. Link
- Vodafone and Google Cloud. Six-year agreement to create data platform; SAP hosted on GCP. Link
- Mankind Pharma and Accenture. Indian pharmaceutical company redesigns demand and inventory planning processes. Link
- Dolomiti Energia and Atos. Italian energy company develops app to maintain smart meters. Link
- Orange Bank and Atos. Mobile bank signs 1,200-seat workplace services deal. Link
- Premier League and Oracle. Football league selects its official cloud provider. Link
| | |
|
M&A
- ServiceNow moves into application observability with Lightstep. Link
- EPAM Systems goes on offense with Israeli cyber intelligence firm WhiteHat. Link
- Apexon adds 200 e-commerce and CX experts with Adapty. Link
- Accenture beefs up industrial OT capabilities with Electro 80. Link
- Computacenter expands European logistics and technical services with ITL. Link
- Capgemini acquires Japanese and Southeast Asian SAP clients from Multibook. Link
| | |
|
If you like this content, please forward this email to a friend. And, as usual, feel free to send me a note at [email protected] with your feedback.
Have a great weekend! | | |
|
isg insiders
Stanton Jones, Alex Bakker, Cynthia Batty, Dr. Daniel Gerster, Doug Saylors, Mrinal Rai, Ron Exler, Sashidharan Balasundaram, Steve Hall, Troy Williams
|
|
