FROST & SULLIVAN BEST PRACTICES AWARD€¦ · Industry Challenges ... Best Practices Recognition:...
Transcript of FROST & SULLIVAN BEST PRACTICES AWARD€¦ · Industry Challenges ... Best Practices Recognition:...
FROST & SULLIVAN BEST PRACTICES AWARD
Visionary Innovation Leadership Award 2019
DEVICE SECURITY MANAGEMENT PLATFORM - NORTH AMERICA
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 2 “We Accelerate Growth”
Contents Background and Company Performance ...................................................................... 3
Industry Challenges............................................................................................ 3
Focus on the Future and Best Practices Implementation of Mocana ............................ 3
Conclusion ........................................................................................................ 7
Significance of Visionary Innovation Leadership ............................................................ 8
Understanding Visionary Innovation Leadership ............................................................ 8
Key Benchmarking Criteria .................................................................................. 9
Best Practices Recognition: 10 Steps to Researching, Identifying, and Recognizing Best Practices ............................................................................................................... 10
The Intersection between 360-Degree Research and Best Practices Awards .................... 11
Research Methodology ...................................................................................... 11
About Frost & Sullivan ............................................................................................ 11
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 3 “We Accelerate Growth”
Background and Company Performance
Industry Challenges
As technology companies develop new Internet-connected devices and connectivity becomes increasingly available, more organizations are leveraging the Internet of Things (IoT) technologies. Frost & Sullivan research shows the total number of IoT devices will grow from 12.44 billion in 2016 to over 45.41 billion in 2023 at a global compound annual growth rate of 20.3%.1 IoT delivers a myriad of benefits and capabilities that were once unachievable through organizations’ traditional operations. For instance, organizations are using IoT technologies to remotely monitor and control a variety of consumer and enterprise devices to manage smart homes, buildings and cities. Industrial businesses are using IoT to improve operational performance and reduce equipment maintenance costs. Unfortunately, this growing connected world increases a network’s attack surface, strengthening a hacker’s ability to access a business’ vulnerable devices.
Furthermore, as the industrial sector began its adoption of IoT technologies, the industry quickly discovered a myriad of unique market challenges and risks specific to industrial customers. Under industrial IoT, organizations must not only struggle with changing security postures with their information technology (IT) systems, but they must also focus on protecting their operational technology (OT) systems, highlighting a new set of challenges. Typical IT cybersecurity solutions either cannot or do not address the security needs of OT systems, causing customers to cobble together disparate security solutions, often creating gaps in their security coverage and leaving them vulnerable or non-compliant with industry standards. Furthermore, organizations are often unprepared to address device-level vulnerabilities resulting from a lack of device-level security protections. An organization that experiences a breach from a cyber-attack can potentially face costly lawsuits or regulatory fines as well as the loss of revenue and customers’ trust. The U.S. government estimates that cyber-attacks cost businesses between $57 to $109 billion per year2. These consequences prompt businesses to seek sufficient protection to maintain a resilient cybersecurity posture, particularly for industrial organizations that need to secure their OT systems.
Focus on the Future and Best Practices Implementation of Mocana
Founded in 2002, Sunnyvale-based Mocana provides comprehensive and compliant device security solutions to protect critical infrastructure and IoT and reduce the cost and risks of managing security. Mocana TrustCenter™ and TrustPoint™ automate and simplify the management of the IoT security lifecycle. The company’s cybersecurity software platform simplifies the integration of mission-critical security into industrial and IoT devices. Mocana protects more than 100 million devices and is trusted by the largest aerospace,
1 Frost & Sullivan, ICS Cybersecurity Market Watch, October 2017. 2 U.S. White House Council of Economic Advisors, CEA Report: The Cost of Malicious Cyber Activity to the U.S. Economy
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 4 “We Accelerate Growth”
industrial, energy, healthcare, and communications companies, including globally renowned brands such as ABB, General Electric, HP, Intel, Schneider Electric, Verizon, and Xerox.
Mocana’s Revolutionary IoT and Industrial Cybersecurity Platforms
Mocana TrustCenter™ is an automated security lifecycle management platform that enables clients to secure their IoT and industrial devices and the data stored and transmitted between such devices. TrustCenter™ provides zero-touch provisioning and management of device credentials such as private keys, digital certificates and other device IDs and credentials. TrustCenter™ also enables automated secure firmware and software updates that go beyond insecure manual processes such as USB stick updates or other insecure remote file transfer methodologies. Mocana enables companies to scale the management of IoT security through automation and orchestration, reducing the risks that result from human error or stolen device credentials. This allows higher productivity and lower operational security costs by removing the need to deploy and configure device credentials and updates on each device manually. The platform enables customers to manage every aspect of device enrollment and onboarding as well as ensures supply chain integrity by securing devices and their data at each of the manufacturing stages until the product’s end-of-life.
Mocana TrustPoint™ is a comprehensive on-device security software for industrial and IoT that enables devices, such as sensors, drives, controllers, gateways, and server-class systems, to protect them from the inside out. Mocana is delivered as cybersecurity software that is compiled into device applications or installed on device operating systems or real-time operating systems. TrustPoint™ offers developer-friendly software development tools such as source code, binaries, sample code, and application programming interfaces (APIs), allowing device and software developers to more easily integrate cybersecurity controls into their devices.
TrustPoint™ enables customers to simplify and accelerate integration with software and hardware-based security because the platform comes pre-compatible with 30 real-time operating systems and over 70 chipsets, including a variety of secure elements.
Trustpoint™ uses the company’s own FIPS 140-2 Level 1 validated cryptographic engine and software development tools to implement device-level mutual authentication, extended authentication for passwords, secure communications (IPSec, TLS/SSL, multicast, wireless, etc.), data and device integrity (secure boot, trust chaining, code signing), and on-device firewall. Used to protect both military and commercial systems, the platform ensures that a device is in a trusted state before allowing it to communicate with other systems, protecting clients from hackers trying to gain access to their ecosystem through an unauthorized device in an attempt to steal data or deploy malware, ransomware, viruses, or other malicious threats. Furthermore, Mocana TrustPoint™ enables customers to meet the following standards: FIPS 140-2 Level 1, IEC 62443-3-3
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 5 “We Accelerate Growth”
SL4, US NIST 800-53, US NIST 800-63 AAL3, FISMA High, and IIC Endpoint Security Best Practices (ESBP), and NERC CIP 003.
Mocana TrustCenter™ and TrustPoint™: Comprehensive Device Security
Due to the features and capabilities of Mocana’s solutions, commercial and military clients can now secure their IoT and OT ecosystems adequately through a user-friendly interface that increases productivity and return on investment and decreases operational expenditures. By combining Mocana TrustCenter™ and TrustPoint™, customers can scale the management of security for IoT devices and ensure that devices can be trusted and meet industry compliance standards. The company’s technology makes endpoints and gateways tamperproof through strong cybersecurity that can meet the highest levels of authentication assurance. Mocana’s solutions provide clients with unparalleled security through:
Orchestration: complete end-to-end control of the provisioning and management of the IoT device security lifecycle
Developer-friendly Tools: simple set of software development tools, sample code, APIs, a trust abstraction layer for novice and expert cybersecurity software developers
Pre-Integrated Solutions: Mocana TrustPoint™ is integrated with more than 70 chipsets and 30 OSes and RTOSes; and Mocana TrustCenter™ is integrated with leading public cloud platforms, certificate authorities and business systems
Automated Systems: zero-touch provisioning and management of device credentials, keys, digital certificates, software and firmware updates
Standards-based Support: supports standards-based network protocols and cryptographic algorithms for easy integration with OT and IT systems; Mocana TrustPoint™ contains no open source software
Efficient Design: Mocana’s endpoint security software and cryptographic engine is based on a small and high-performance code base designed for both greenfield and brownfield deployments
Proven: Mocana’s solutions protect more than 100 million mission-critical devices in both defense and commercial applications
Compliant: Mocana’s solutions and expertise enable compliance with a broad range of cybersecurity standards such as: FIPS 140-2, IEC 62443, NERC CIP 003, NIST 800-53, NIST 80-63, DO-178
Comprehensive Platform: Mocana’s solutions provide the protection, provisioning, management to secure the supply chain during the entire lifecycle of the device
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 6 “We Accelerate Growth”
Impressive Partnerships and Exceptional Customer Support
Mocana works closely with partners to ensure its technology integrates seamlessly and to educate all stakeholders in the market; both contribute to increased revenue for Mocana and its partners. The company’s robust partner network consists of several security industry leaders such as Amazon Web Services, Arm, DDC-I, Digicert, FreeRTOS, Gemalto, General Electric, GlobalSign, Infineon Technologies, Intel, Macnica, Microsoft, NXP, Nuvoton, PrimeKey, Qualcomm, RTI, SAP, ST, ThreadX, Ubuntu, Unified Automation, Verizon, Wind River, and Xilinx. Due to Mocana’s cutting-edge technology, it protects more than 100 million devices, including commercial aircraft, fighter jets, helicopters, industrial automation and controls, medical devices, network gateways, set-top boxes, surveillance cameras, tanks, and thermostats. The company boasts 200 of the largest aerospace, defense, energy, industrial manufacturing, transportation, and utility companies among its customer base.
Mocana develops strong relationships with clients, starting by understanding the customer’s business goals and technical requirements, educating them on its technology, demonstrating its solutions’ capabilities through a proof-of-concept, and working with customers to customize and configure the platforms to meet their particular needs. Mocana ensures success by helping its customers to achieve their business goals of driving revenue, launching new secure products and services, reducing operational security costs and managing IoT cybersecurity risks.
“Supply chain integrity is one of the most important challenges facing the industrial IoT. Mocana’s IoT Trust Platform is tackling this problem head-on by automating device enrollment and security provisioning. With tools for both supplier and OEMs, Mocana’s Trust Service will simplify enrollment and secure updates.”
–Ed Amoroso, CEO, TAG Cyber, LLC.
“Our partnership with Mocana focuses on comprehensive security as we work toward providing customers with an easy and effective way to harden their operational technologies.”
–Joerg Borchert, Vice President of Chip Card Security, Infineon Technologies
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 7 “We Accelerate Growth”
Conclusion
Many Internet of Things (IoT) and industrial cybersecurity vendors continue to offer information technology (IT) network security solutions and operational technology (OT) process controls; however, these approaches leave devices vulnerable to cyber-attacks. Mocana developed its industry-leading automated TrustCenter™ and TrustPoint™ platforms to meet this market imperative for stronger device-level security controls. The company’s solutions ensure that both commercial and military clients meet strict industry compliance standards and can prove unparalleled device and data integrity and tamper resistance. With its innovative solutions, powerful partner network, and strong overall performance, Mocana earns Frost & Sullivan’s 2019 North America Visionary Innovation Leadership Award in the Device Security Management Platform industry.
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 8 “We Accelerate Growth”
Significance of Visionary Innovation Leadership A Visionary Innovation Leadership position enables a market participant to deliver highly competitive products and solutions that transform the way individuals and businesses perform their daily activities. Such products and solutions set new, long-lasting trends in how technologies are deployed and consumed by businesses and end users. Most important, they deliver unique and differentiated benefits that can greatly improve business performance as well as individuals’ work and personal lives. These improvements are measured by customer demand, brand strength, and competitive positioning.
Understanding Visionary Innovation Leadership Visionary Innovation is the ability to innovate today in the light of perceived changes and opportunities that will arise from Mega Trends in the future. It is the ability to scout and detect unmet (and as yet undefined) needs and proactively address them with disruptive solutions that cater to new and unique customers, lifestyles, technologies, and markets. At the heart of visionary innovation is a deep understanding of the implications and global
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 9 “We Accelerate Growth”
ramifications of Mega Trends, leading to correct identification and ultimate capture of niche and white-space market opportunities in the future.
Key Benchmarking Criteria For the Visionary Innovation Leadership Award, Frost & Sullivan analysts independently evaluated two key factors—Focus on the Future and Best Practices Implementation—according to the criteria identified below.
Focus on the Future Criterion 1: Focus on Unmet Needs Criterion 2: Visionary Scenarios through Mega Trends Criterion 3: Growth Pipeline Criterion 4: Blue Ocean Strategy Criterion 5: Growth Performance
Best Practices Implementation Criterion 1: Vision Alignment Criterion 2: Process Design Criterion 3: Operational Efficiency Criterion 4: Technological Sophistication
Criterion 5: Company Culture
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 10 “We Accelerate Growth”
Best Practices Recognition: 10 Steps to Researching, Identifying, and Recognizing Best Practices Frost & Sullivan Awards follow a 10-step process to evaluate Award candidates and assess their fit with select best practice criteria. The reputation and integrity of the Awards are based on close adherence to this process.
STEP OBJECTIVE KEY ACTIVITIES OUTPUT
1 Monitor, target, and screen
Identify Award recipient candidates from around the globe
Conduct in-depth industry research
Identify emerging sectors Scan multiple geographies
Pipeline of candidates who potentially meet all best-practice criteria
2 Perform 360-degree research
Perform comprehensive, 360-degree research on all candidates in the pipeline
Interview thought leaders and industry practitioners
Assess candidates’ fit with best-practice criteria
Rank all candidates
Matrix positioning of all candidates’ performance relative to one another
3
Invite thought leadership in best practices
Perform in-depth examination of all candidates
Confirm best-practice criteria Examine eligibility of all
candidates Identify any information gaps
Detailed profiles of all ranked candidates
4 Initiate research director review
Conduct an unbiased evaluation of all candidate profiles
Brainstorm ranking options Invite multiple perspectives
on candidates’ performance Update candidate profiles
Final prioritization of all eligible candidates and companion best-practice positioning paper
5 Assemble panel of industry experts
Present findings to an expert panel of industry thought leaders
Share findings Strengthen cases for
candidate eligibility Prioritize candidates
Refined list of prioritized Award candidates
6 Conduct global industry review
Build consensus on Award candidates’ eligibility
Hold global team meeting to review all candidates
Pressure-test fit with criteria Confirm inclusion of all
eligible candidates
Final list of eligible Award candidates, representing success stories worldwide
7 Perform quality check
Develop official Award consideration materials
Perform final performance benchmarking activities
Write nominations Perform quality review
High-quality, accurate, and creative presentation of nominees’ successes
8 Reconnect with panel of industry experts
Finalize the selection of the best-practice Award recipient
Review analysis with panel Build consensus Select recipient
Decision on which company performs best against all best-practice criteria
9 Communicate recognition
Inform Award recipient of Award recognition
Present Award to the CEO Inspire the organization for
continued success Celebrate the recipient’s
performance
Announcement of Award and plan for how recipient can use the Award to enhance the brand
BEST PRACTICES RESEARCH
© Frost & Sullivan 2019 11 “We Accelerate Growth”
STEP OBJECTIVE KEY ACTIVITIES OUTPUT
10 Take strategic action
Upon licensing, company is able to share Award news with stakeholders and customers
Coordinate media outreach Design a marketing plan Assess Award’s role in future
strategic planning
Widespread awareness of recipient’s Award status among investors, media personnel, and employees
The Intersection between 360-Degree Research and Best Practices Awards Research Methodology Frost & Sullivan’s 360-degree research methodology represents the analytical rigor of our research process. It offers a 360-degree-view of industry challenges, trends, and issues by integrating all 7 of Frost & Sullivan's research methodologies. Too often companies make important growth decisions based on a narrow understanding of their environment, leading to errors of both omission and commission. Successful growth strategies are founded on a thorough understanding of market, technical, economic, financial, customer, best practices, and demographic analyses. The integration of these research disciplines into the 360-degree research methodology provides an evaluation platform for benchmarking industry players and for identifying those performing at best-in-class levels.
About Frost & Sullivan Frost & Sullivan, the Growth Partnership Company, enables clients to accelerate growth and achieve best-in-class positions in growth, innovation and leadership. The company's Growth Partnership Service provides the CEO and the CEO's Growth Team with disciplined research and best practice models to drive the generation, evaluation and implementation of powerful growth strategies. Frost & Sullivan leverages more than 50 years of experience in partnering with Global 1000 companies, emerging businesses, and the investment community from 45 offices on six continents. To join our Growth Partnership, please visit http://www.frost.com.
360-DEGREE RESEARCH: SEEING ORDER IN THE CHAOS