2013 2014 INSERT COMPANY LOGO HERE 2014 North 2013 American North Content-aware American SSL Security Certificate Platform for IIoT Enabling Product Technology Leadership Leadership Award Award
Background and Company Performance Industry Challenges The traditional industrial control system (ICS) ecosystem is comprised of several automation and networking components that rely on security by obscurity. Cybersecurity was not a key parameter because most of these networks were closed-loop, isolated systems that were not IP- (internet protocol) enabled and did not have options for encryption, authentication, and other security needs. However, Frost & Sullivan recognizes that in today s connected and integrated industries, this traditional approach to industrial security is no longer viable as networks and devices are IP-enabled and vulnerable to cyber-attacks. There are several classic examples of attacks against critical infrastructure industries such as Stuxnet, Shamoon, Duqu, Flame, and HAVEX to name a few that reiterate the destructive consequences of flaws in cybersecurity systems in the industrial domain. With increasing business imperatives such as connectivity and remote access requirements, cybersecurity for the ICS has to be scaled up to a greater extent and support the implementation of the IIoT space ( industrial Internet of things ). As IIoT approaches quickly in both discrete and process industries, the increased adoption of cloud, big data, and analytics will provide immense value toward operations and productivity but at the same time increase the threat surface area. Furthermore, the IIoT environment generates huge amounts of data and enables intricate levels of data-sharing across the networks. To put it simply, the increase in IIoT adoption translates to an increase in cybersecurity threats, requiring solution providers to develop product offerings that can overcome the challenges from design to implementation of cyber physical systems. From a holistic design perspective, end-to-end ICS cybersecurity involves physical security; secure authentication; encrypted communications; firewalls; deep packet inspection; automated intrusion detection; and perimeter-monitoring solutions. These cybersecurity solutions need to synchronize with the development of other industrial devices or networking technologies to accommodate several industrial communication protocols in existence, such as modbus, profibus, masibus, DNP3, IEC61850, devicenet, controlnet, profinet, and the industrial Internet. However, these two technologies are happening in two different streams, similar to the IT security design in the past where differences existed in the approaches for packet filtering in the network (Layer-3) and the application (Layer-7). It becomes an obvious choice to introduce tight security features as the vulnerabilities in the application layer increase at faster pace. Unlike in the enterprise world, the case is further complicated in the ICS world because of the wide variety of standard practices and legacy systems that have been implemented. Hence, checking the data packets without affecting the network performance at the application layer is very crucial in the ICS domain. Frost & Sullivan 2 We Accelerate Growth
From a holistic implementation perspective, cybersecurity systems need to be modular, scalable, and constantly updated so that they will not only identify the threats but also defend and record threat histories to enable future protection protocols. However, there are several barriers to overcome for successful and lasting cybersecurity implementation in the ICS domain. This includes inadequately skilled cybersecurity experts in the industrial environment and a lack of end-user awareness that hinders the implementation of cybersecurity solutions in the short term. The increased use of commercial off-the-shelf IT solutions and the open industrial environment further mandates strong cybersecurity implementation strategies. As the industry is now becoming a mix of enterprise and operation networks, the implementation challenge is further complicated and hence the price for such solutions also increases. Therefore, developing an ecosystem of cybersecurity platforms for the IIoT environment will require solution providers to augment the existing industrial infrastructure and technologies to continuously accommodate new requirements. Customer Value and Technology Excellence Criterion 1: Commitment to Innovation Cyber physical production systems are very critical in driving the adoption of IIoT. In spite of many startup companies that have emerged to solve critical challenges in the manufacturing space with their innovation competence, only a few make a big difference in the longer term because of their commitment to innovation. Bayshore Networks is one such company with a mission of providing solutions to secure tomorrow s Internet of Everything that include industrial controls as well as enterprise applications. Innovation is the key in improving industrial-strength cybersecurity platforms to protect critical manufacturing and infrastructure assets. Bayshore Networks, which is innovating in the market with its content-aware security and policy management solution, has also joined the Industrial Internet Consortium (IIC). The organization looks to pioneer the industry with content and context-aware security solutions that allow end-users to implement layer-7 application firewalls without any major concerns in the security framework. The following chart in the next page illustrates Bayshore Networks quest for innovative solutions that invigorates all of their core products and pervades a strong value contribution in the ICS cybersecurity market. Frost & Sullivan 3 We Accelerate Growth
Best Practices from Bayshore Networks: Bayshore Networks introduced Pallaton TM to narrow down the malware sophistication gap through a powerful proxy-based policy expression language that is embedded in the appliance itself. This creates content-based rules and enforces policies at a line rate of more than 10 gbps, which makes it a unique solution in the ICS market. This is one of the futuristic solutions that Bayshore Networks offers to create a significant difference to the industrial customers who are adapting to Internet of Everything in the longer term. This is a conscious, ongoing development solution from Bayshore Networks that exhibits its consistent support in pursuing groundbreaking ideas in the industrial domain. Criterion 2: Application Diversity In the midst of several legacy solutions, Bayshore Networks offers a unique security platform to solve the cybersecurity challenges in industrial controls, critical infrastructure, and global enterprise organizations. Bayshore Networks offers high-speed appliances separately for enterprise security (Bayshore SE TM ) and for industrial control environment (Bayshore IC TM ) with an extensible policy enforcement feature via Pallaton TM. These appliances have flexibilities in terms of plugging into a network switch to inspect certain strings, a combination of characters, file types, and integrity status in data compression and encryption. Frost & Sullivan firmly believes that the beauty of these appliances is their flexibility in configuring and controlling content traffic in the network through a single global policy tool (Pallaton TM ). Though there is a wide variety of communication protocols Frost & Sullivan 4 We Accelerate Growth
in practice in the ICS domain, Pallaton TM works in the same fashion as in the IT environment for establishing policy standards. Best Practices from Bayshore Networks: Bayshore Networks went one step ahead with their security appliances by enabling end users to comply with safety regulations. This allows control over the set points and operating procedures beyond the operating ranges. This is done through one single point of policy management and also alerts when there are any outliers in the operational data. This ensures safety for people, processes, and equipment. This is one advantage of Pallaton TM from Bayshore Networks in serving multiple purposes through a single technology. Criterion 3: Commercialization Success New product developments are often time consuming and involve several expenses for solution providers. Furthermore, end users are often skeptical about deploying a solution offering that is new to the industry. When the buzz is high toward Internet of Everything in the industrial domain, in Frost & Sullivan's opinion, Bayshore Networks solution success can be described by its capability to expand its customer base to include Fortune 100 manufacturing clients. This success is mainly a result of the company s flagship Bayshore IC and Bayshore SCADA Firewall technologies (first appliance in the Bayshore IC series), which provide data-level controls at line speed levels in enterprise and industrial control organizations. This shows the company s strong value proposition in solving the ICS cybersecurity issues and enables industrial end customers to leverage the several benefits of IIoT (Industrial Internet of Things). Best Practices from Bayshore Networks: Bayshore Networks doubled its sales revenue and bookings in 2013 with its superior technology and market approaches among end users to protect their critical infrastructure and manufacturing assets from increasingly sophisticated threats. Understanding the increasing number of threat vectors and the possibilities for backdoors in the network, Bayshore Networks continuously expands its Layer 7 application protection and content inspection capabilities to safeguard critical data against all forms of cybersecurity challenges. Moreover, Bayshore Networks partnered with BAE Systems to integrate the Bayshore solution into the BAE framework. This strategic partnership benefits both parties to address the industry's core implications, such as security against threats in a multiprotocol industrial environment and increased inspection performance in multi-gigabit network. Criterion 4: Product/Service Value Cybersecurity is increasingly becoming a scientific discipline, and the innovation is oriented around application-centric and technology-centric solutions. Secondly, as the Internet architecture itself is in continuous transition, it is a natural progression for cybersecurity to transition from infrastructure-centric security design to application-centric security design. This looks fairly simple in an enterprise environment (actually not so) but Frost & Sullivan 5 We Accelerate Growth
significantly complex in a non-enterprise environment because the industrial systems and network protocols are not intrinsically designed to address cybersecurity challenges. Though IIoT provides significant benefits like real-time situational awareness and big data analytics, the adoption rate has been fairly limited because of the significant uncertainties caused by cybersecurity risks. Hence, Bayshore Networks took the successful applicationcentric cybersecurity design concept from enterprise networks and customized it to the industrial networks. Bayshore Networks offers SDN- (software-defined networking) based control facility over the network infrastructure, which aids in deploying operational and security policy. Frost & Sullivan research shows that through this approach, Bayshore Networks offers a unified policy platform that regulates the increasing IP-based devices in the industrial network and enables industrial customers to benefit by connecting all the digital assets. Best Practices from Bayshore Networks: To further explain Bayshore Networks innovative value proposition, let us consider the Bayshore IC TM solution. Bayshore Networks has developed the Bayshore IC TM application firewall that safeguards against malicious attacks to enterprise applications. Bayshore Networks has developed a highly configurable hardware- or software-based appliance that is easy to use. This system can be connected to the network and manually configured without any experts or templates. Moreover, the user interfaces are intuitive to navigate and setup policies for applications within minutes of turning the appliance on. Apart from the normal firewall features, Bayshore Networks also includes some heuristic capabilities to detect behavioral anomalies in real time that enable the operator to identify whether an application is under attack. Further to this mode, administrators can automatically define internal policy rules to match the characteristics of the applications being protected with specific granularity under the heuristics learning mode. This example illustrates how Bayshore Networks creates value-added layers to the end user after offering a unified product platform. Criterion 5: Service Experience Since cybersecurity is an evolving domain that requires continuous engagement with end customers even after deployment, Bayshore Networks offers support services through annual maintenance plans. Based on need, the company offers standard business-hour support or gold level 24/7 support that includes phone- and email-based support apart from an online customer-support portal. In terms of value for the money invested, the unified platform offers the holistic combination of flexibility to configure policies as needed and adaptability to enable heuristics-based learning. This unified platform has the capability to provide protection against threats and malicious attacks for complex and large networked environments that include several data-intensive applications. Frost & Sullivan 6 We Accelerate Growth
Best Practices from Bayshore Networks: In order to enhance service experience, Bayshore Networks partnered with Cisco for propagating security policies across Cisco TrustSec-enabled devices. Through this offering, customers get personalized, professional services for policy-based governance. This service partnership illustrates the intention of Bayshore Networks to offer signature-based Layer 7 content inspection technology that performs advanced behavioral analysis, application discovery, and profiling. This benefits the industrial customer in securing the converged IT and OT networks in the enterprise core rather than at the network perimeter. Criterion 6: Total Customer Experience Frost & Sullivan notes that through strategic partnerships and affiliations, Bayshore Networks is able to offer a combination of cutting-edge technology and superior customer experiences. For example, Bayshore Networks partnered with SecurView (a leading provider of managed security services and compliance solutions) to deliver a powerful next-generation managed firewall service. This enabled the company to expand its customer base and extend its products and services to enterprise, government, and industrial control customers. This partnership aids in the promotion of a complete anomaly of protection managed services by utilizing the Bayshore IC TM, for high-performance network core protection, or Bayshore SCADA Firewall for industrial Internet security. Best Practices from Bayshore Networks: Bayshore Networks offered its Bayshore IC solution to directly remediate a large class of "severe" or "critical" type network-level errors, threats, and vulnerabilities in one of their Fortune 100 client s networks. A use case in context is that of a client s establishment was scanned, severe vulnerabilities were detected for data leakage, SQL injection and crosssite scripting, and so on,. This was mainly a result of the lack of application design to protect against new security threats and inadequate adherence to secure coding standards. Apart from this solution for the existing issues, Bayshore Networks also offered the Bayshore IC platform with adaptive heuristics that automatically fine tune its internal rules to match the characteristics of the application being protected, down to a very fine level of granularity. It took less than a month to deploy and cost the end user half of the original budget. Moreover, the advantage of this solution is easy deployment of the cybersecurity solution without modifying the original application. Another use case is that of a company which supplies industrial robots. The company was able to securely understand data flowing in from the robots, provide updates and even deliver remote managed services. While this looks interesting, the solution was implemented in an automotive manufacturing establishment. So, in essence Bayshore s solution provided a win-win situation for the robot solution supplier and the automotive end-user. Frost & Sullivan feels that this is a testament of the organization s technology prowess and customer-centric innovation. Frost & Sullivan 7 We Accelerate Growth
Conclusion Bayshore Networks offers a unified cybersecurity platform to set policies that stop cyberattacks against vital industrial control systems in critical infrastructure. Frost & Sullivan's independent analysis of the Content-aware Cybersecurity Platforms market clearly shows that in spite of multi-protocol and legacy environment, Bayshore Networks offers a superior enabling platform that conducts Layer 7 inspections in a high-speed network and is more intuitive while possessing heuristic learning capabilities to evolve against new threats. The hardware, software, and virtual appliances from Bayshore Networks possess all the features to aid the IIoT market by eliminating the cybersecurity challenges in the industrial domain. Apart from the technological capabilities, the ability of Bayshore Networks to strike strategic partnerships and affiliations illustrates its influence over the cybersecurity market. Based on Frost & Sullivan s independent research, Bayshore Networks is recognized with the 2014 Enabling Technology Leadership Award in Cybersecurity Security Platforms for the Industrial IOT Market. Enabling Technology Leadership Ultimately, growth in any organization depends upon customers purchasing from your company, and then making the decision to return time and again. Everything is truly about the customer and making those customers happy is the cornerstone of any longterm successful growth strategy. To achieve these goals through technology leadership, an organization must be best-in-class in three key areas: (1) take into account what your competitors are, and are not, doing; (2) meet customer demand with a comprehensive, value-driven product or service portfolio; and (3) establish a brand that resonates deeply with customers and stands apart from other providers. To achieve best-practice levels in brand, demand, and positioning is a rare and significant accomplishment, and that is why Frost & Sullivan celebrates it with the Enabling Technology Leadership Award. Recipients of this award represent the top ten percent of their industry: the other ninety percent can t keep up. Key Benchmarking Criteria For the Enabling Technology Leadership Award, Frost & Sullivan evaluated the total client experience and strategy implementation excellence according to the criteria detailed below. Customer Value Excellence Criterion 1: Total Customer Experience Criterion 2: Product/Service Value Criterion 3: Purchase Experience Criterion 4: Ownership Experience Criterion 5: Service Experience Technology Excellence Criterion 1: Commitment to Innovation Criterion 2: Commitment to Creativity Frost & Sullivan 8 We Accelerate Growth
Criterion 3: Stage Gate Efficiency Criterion 4: Commercialization Success Criterion 5: Application Diversity The Intersection between 360-Degree Research and Best Practices Awards Research Methodology Frost & Sullivan s 360-degree research methodology represents the analytical rigor of our research process. It offers a 360-degree-view of industry challenges, trends, and issues by integrating all 7 of Frost & Sullivan's research methodologies. Too often, companies make important growth decisions based on a narrow understanding of their environment, leading to errors of both omission and commission. Successful growth strategies are founded on a thorough understanding of market, technical, economic, financial, customer, best practices, and demographic analyses. The integration of these research disciplines into the 360-degree research methodology provides an evaluation platform for benchmarking industry players and for identifying those performing at bestin-class levels. Decision Support Scorecard 360-DEGREE RESEARCH: SEEING ORDER IN THE CHAOS To support its evaluation of best practices across multiple business performance categories, Frost & Sullivan employs a customized Decision Support Scorecard. This analytical tool compares companies performance relative to each other. It features criteria unique to each award category and ranks importance by assigning weights to each criterion. The relative weighting reflects current market conditions and illustrates the associated importance of each criterion according to Frost & Sullivan. This tool allows our research and consulting teams to objectively analyze performance, according to each criterion, and to assign ratings on that basis. The tool follows a 10-point scale that allows for nuances in performance evaluation; ratings guidelines are illustrated below. Competitive Benchmarking Availability of Capital Demographics Buying Behavior Growth Strategies Economic Trends Industry Expansion Industry Evolution New Vertical Markets GeoPolitical Stability Growth Implementation Technology Obsolescence Emerging Technologies CEO Sustainability Disruptive Technologies New Business Cultures Smart Cities Career Development New Applications Segmentation Industry Convergence Country Risk Branding and Positioning Crowd Sourcing Competitive Strategy Needs and Perceptions Capital Investments Emerging Competition Frost & Sullivan 9 We Accelerate Growth
Best Practice Award Analysis for Bayshore Networks Decision Support Scorecards: Enabling Technology Leadership The Decision Support Scorecards, shown below, include all performance criteria listed and illustrate the relative importance of each criterion and the ratings for each company under evaluation for the Enabling Technology Leadership Award. The research team confirms the veracity of the model by ensuring that small changes to the ratings for a specific criterion do not lead to a significant change in the overall relative rankings of the companies. Finally, to remain unbiased and to protect the interests of all organizations reviewed, Frost & Sullivan has chosen to refer to the other key players in as Company 2 and Company 3. Decision Support Scorecard: Customer Value Excellence Measurement of 1 10 (1 = poor; 10 = excellent) Award Criteria Customer Value Excellence Total Customer Experience Product/Service Value Purchase Experience Ownership Experience Service Experience Weighted Rating Relative Weight (%) 20% 20% 20% 20% 20% 100% Bayshore Networks 9 9 8 10 9 9.0 Company 2 7 7 7 5 6 6.4 Company 3 6 7 8 7 7 7.0 Criterion 1: Total Customer Experience Requirement: Customers receive exceptional impression at every stage of the purchase cycle Criterion 2: Product/Service Value Requirement: Products or services offer the best value for the price, compared to similar offerings in the market Frost & Sullivan 10 We Accelerate Growth
Criterion 3: Purchase Experience Requirement: It is as simple for salespeople to sell the product or service as it is for the customer to buy the product or service Criterion 4: Ownership Experience Requirement: Customers are proud to own and use the company s product or service Criterion 5: Service Experience Requirement: Customer service is accessible, fast, and stress-free Decision Support Scorecard: Technology Excellence Measurement of 1 10 (1 = poor; 10 = excellent) Award Criteria Technology Excellence Commitment to Innovation Commitment to Creativity Stage Gate Efficiency Commercialization Success Application Diversity Weighted Rating Relative Weight (%) 20% 20% 20% 20% 20% 100% Bayshore Networks 8 9 9 10 9 9.0 Company 2 6 7 7 5 6 6.2 Company 3 7 8 8 7 8 7.6 Criterion 1: Commitment to Innovation Requirement: Conscious, ongoing development of an organization culture that supports the pursuit of groundbreaking ideas Criterion 2: Commitment to Creativity Requirement: Employees known for pushing the limits of form and function, and who are unafraid to pursue white space innovation Criterion 3: Stage Gate Efficiency Requirement: A process that moves creative, groundbreaking concepts quickly and profitably from early-stage investments to late-stage prototyping Criterion 4: Commercialization Success Requirement: A proven track record of taking new technologies to market with a high rate of success Criterion 5: Application Diversity Requirement: The development of technologies that serve multiple purposes and can be embraced by multiple user types Frost & Sullivan 11 We Accelerate Growth
About Frost & Sullivan Frost & Sullivan, the Growth Partnership Company, enables clients to accelerate growth and achieve best in class positions in growth, innovation and leadership. The company's Growth Partnership Service provides the CEO and the CEO's Growth Team with disciplined research and best practice models to drive the generation, evaluation and implementation of powerful growth strategies. Frost & Sullivan leverages more than 50 years of experience in partnering with Global 1000 companies, emerging businesses and the investment community from 40 offices on six continents. To join our Growth Partnership, please visit http://www.frost.com. Frost & Sullivan 12 We Accelerate Growth