The digital capabilities that can make you more competitive can also protect your oil and gas operations from cyber threats
Cybersecurity is no longer a concern only for tech experts in the IT department. It’s also top priority for executives in the board room and operators in the oilfield, and for good reason. More frequent and sophisticated, high-profile cyber security attacks on oil and gas operations have put the industry on edge.
Without a doubt, you need comprehensive security as your operations become more digital. But this security doesn’t need to come at the expense of your business-improvement goals. In fact, quite the opposite. The same digital capabilities that can help you better compete – like seamless connectivity, production intelligence and remote support – can also help fortify your operations.
As you plan and design your oil and gas cybersecurity strategy, capitalise on the aspects of your connected operations that have shared security and operational benefits. Five key examples include:
1. Dynamic Asset Inventory
It’s hard to mitigate threats if you don’t know what they might target in your operations. That’s why a comprehensive, real-time understanding of your connected equipment and systems is essential.
Historically, taking an inventory of your equipment required physically sending someone to all your production sites. This process is time consuming, especially if you have dispersed and remote operations. It’s also limiting, because the data captured only gives you a snapshot in time of your inventory.
The industrial internet of things (IIoT) is changing this. Now, using software or connected services, you can use the same communications path as your control systems to gather asset data.
With a continuous, real-time inventory of your operational equipment, you can stay on top of risks to your production environments. For example, you can quickly see if security advisories, firmware updates or new patch releases are relevant to your installed base.
You can also better manage your operations. The data can help you, for instance, track lifecycle risks and inform your modernisation strategy.
2. Real-Time Process Visibility
It’s not enough to just know what equipment you have. You also need real-time visibility into how, when and where people are accessing or manipulating it.
A threat-detection service can identify normal behaviour across your oil and gas network and monitor your operations 24/7 for deviations from that baseline. Operators can then be alerted of any irregularities or potential threats in real time.
This visibility can help you uncover a threat like an outsider security attack at multiple stages, including:
- > When they first gain a foothold on your network
- > When they’re moving around the network to do recon on your operations
- > When they’re making changes to assets (systems, equipment, networks) to carry out an attack
The service can also help you detect more common human errors and operational issues that, while lacking nefarious intent, can still disrupt your operations. For instance, it could reveal that an OEM remotely accessed and made changes to a controller in the wrong location.
3. Life cycle Management Support
According to the 2019 Global Energy Talent Index report, 40% of oil and gas respondents said a skills crisis has already hit the industry. And nearly 30% said the crisis would take hold in the next five years.
To lessen the impact of the skills shortage, more companies are looking to outsource the responsibility of managing their oil and gas production systems. And who better to monitor, maintain and modernise the systems than the companies that supply them?
One major oil and gas producer turned to a diagnostic reliability service from Rockwell Automation to reduce its cyber security risks and lower its business costs. As part of the service, the provider continuously scans the process-control network of the oil and gas producer to identify, interrogate and monitor control hardware. It captures key data – such as its part number, series version and firmware version – and tracks status, health and parameter changes.
The service helped the producer comply with a new corporate cyber security policy. And it led to operational improvements – such as more proactive maintenance that helped them reduce manpower costs in the field and pump more barrels of oil per day.
4. Disaster Recovery
In the event of a security incident, you need a plan and policies in place to help you recover as quickly as possible. This will help you minimise the impact of security incidents and maximise your uptime.
A response plan can help you contain, eradicate and quickly recover from threats to your operations. It should include the steps workers need to take to get back to a fully operational state.
Policies are just as crucial. For example, they should define a method for backing up your critical operational assets. Without backups, you could find yourself the victim of ransomware and having to decide: Should we pay someone to re-engineer our systems or pay the attacker to get them back?
One solution that can be required in your policy is asset-management software. It can automatically back up application code and configurations for devices like controllers, drives and operator terminals.
5. Good Security Fundamentals
There are security best practices – known as security fundamentals – that every oil and gas company should use to achieve a high level of security.
Some are simple, like changing the default log-ins used in any new network equipment you purchase. Software with authentication and authorisation is another best practice. It allows your IT or security team to define who can access the software, what actions they can take and where they can perform those actions.
Other aspects of security hygiene is more complex. For instance, control (OT) and enterprise (IT) traffic should not be treated the same on your network. If the network infrastructure that handles both these traffic types goes down, then your entire enterprise is no longer functional. That’s why you should use an industrial DMZ to segment control and enterprise traffic.
In addition to securing your operations, these best practices can also have operational benefits. Segmentation, for example, allows you to connect remote employees and partners with on-site workers to more quickly troubleshoot and resolve downtime issues.
Know Before You Go
Getting the most from your connected operations and securing them can go hand in hand. But before you do anything, you need a strategy to identify where you can be more competitive and where your threats lie. Then, you can see where these two areas share common ground.
If you’re unsure of what to do or where to start, visit us at ADIPEC at Hall 1, stand 1230
Meet Rockwell Automation team in person to unlock the potential of your oil and gas operations.
For more information contact: Gert Thoonen, EMail: email@example.com