This article was updated on October 16, 2019.
New research from the Ponemon Institute finds digitalization in U.S. Oil and Gas operations is seriously outpacing cyber security measures and that’s creating an undeniable risk to operational security. In “The State of Cyber security in the Oil & Gas Industry: United States,” released this month, 68% of those surveyed said their operations have had at least one security compromise in the past year. Only 35% of respondents rated their operational technology (OT) cyber readiness as high. Other key findings:
- 61% say their organization’s ICS protection and security is inadequate
- 59% believe there is a greater risk in the OT environment than the IT environment
- Only 41% said they continually monitor OT infrastructure to prioritize threats and attacks
- 65% said their top cyber security threat is the negligent or careless insider, while 15% said it is the malicious or criminal insider
While the oil and gas industries aim to make improvements to their cyber security risk posture, it’s not straightforward. This recent survey reinforces the fact that even those within the industry foresee major shortfalls. The rapid advancement of digitally connected industrial components, while delivering business benefits, has significantly increased cyber risk. And only a minority of respondents indicated they can properly assess risks and deploy the right resources to address them.
Oil and Gas Operators Identify Insiders as Greatest Threat
The fact that insiders, whether criminal or negligent, are a top cyber security threat substantiates the need for ICS real-time monitoring and process anomaly detection. Control system traffic is fairly predictable, so once a baseline of ICS network communications is established and the network is continuously monitored, anything that deviates from expected behavioral patterns is an anomaly worth analyzing. It is also very valuable to identify whether these anomalies are due to malicious activity or unintentional errors that could cause process impacts or disruptions, whether from internal or external sources.
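The baseline-then-monitor approach described above can be sketched as follows. This is an added example, not code from the article or from any vendor product; it uses a simple allowlist and rate threshold rather than machine learning, and the host addresses, Modbus flows and `rate_factor` value are constructed assumptions.

```python
from collections import defaultdict

HMI, EWS, PLC = "10.0.0.5", "10.0.0.9", "10.0.0.20"  # constructed hosts

# Constructed flow records: (minute, src, dst, Modbus function code).
# 3 = Read Holding Registers, 6 = Write Single Register, 16 = Write Multiple Registers
BASELINE_FLOWS = [(m, HMI, PLC, 3) for m in range(3) for _ in range(2)] + [(1, EWS, PLC, 16)]
LIVE_FLOWS = ([(10, HMI, PLC, 3)] * 2                    # normal polling
              + [(10, HMI, PLC, 6)]                      # HMI issues a write it never sent before
              + [(10, "10.0.0.77", PLC, 3)]              # unknown host talks to the PLC
              + [(11, HMI, PLC, 3)] * 9)                 # polling burst

def count_per_minute(flows):
    """Count messages per (src, dst, function code, minute)."""
    counts = defaultdict(int)
    for minute, src, dst, fc in flows:
        counts[(src, dst, fc, minute)] += 1
    return counts

def learn_baseline(flows):
    """Map each observed (src, dst, fc) to its peak per-minute message count."""
    peak = {}
    for (src, dst, fc, _), n in count_per_minute(flows).items():
        peak[(src, dst, fc)] = max(peak.get((src, dst, fc), 0), n)
    return peak

def detect(baseline, flows, rate_factor=3):
    """Flag traffic that deviates from the learned baseline."""
    known_pairs = {(src, dst) for src, dst, _ in baseline}
    alerts = set()
    for (src, dst, fc, _), n in count_per_minute(flows).items():
        if (src, dst) not in known_pairs:
            alerts.add(("new_talker", src, dst, fc))      # host pair never seen
        elif (src, dst, fc) not in baseline:
            alerts.add(("new_function", src, dst, fc))    # known pair, new operation
        elif n > rate_factor * baseline[(src, dst, fc)]:
            alerts.add(("rate_spike", src, dst, fc))      # known operation, unusual volume
    return sorted(alerts)

if __name__ == "__main__":
    for alert in detect(learn_baseline(BASELINE_FLOWS), LIVE_FLOWS):
        print(alert)
```

The alerts say that something deviated, not why: deciding whether a new write from the HMI is an operator mistake or malicious activity still requires the analysis the paragraph above calls for.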
Insiders are not the only problem. In a recent Houston Chronicle article, Collin Eaton points out that the Coast Guard regularly patrols the coast of the Sabine-Neches waterway to monitor unprotected wireless signals that hackers could use for malicious activities. According to the article, the Coast Guard has received several reports that foreign ships attempted to probe the wireless networks of industrial facilities along U.S. waterways.
With the spike in incidents, malicious or not, from insiders or outsiders, the demand for implementing cyber security measures and deploying scarce personnel trained in cyber security is at an all-time high. The challenge is that there is a big gap between the supply and demand of industrial cyber security skills.
Automated Cyber Security and Process Anomaly Detection Can Help
There are no easy answers, but there is some good news: innovations such as machine learning and artificial intelligence-enhanced cyberattack detection can help Oil and Gas operators gain efficiencies in their cyber security programs. They can also speed the investigation of incidents to contain attacks before significant damage can occur, without needing to add staff.
It’s an area that the team at Nozomi Networks knows well through years of building OT-focused cyber security solutions for Oil & Gas and other industrial operators.
We share Dr. Larry Ponemon’s hope that, “the findings of this research create a sense of urgency to make the appropriate investments in people, process and technologies to improve the industry’s cyber readiness.”
“Through this partnership, we have made a substantial improvement in our Remote Control System. Nozomi Networks’ Guardian is now a fundamental element of our network infrastructure and an essential tool for our daily activities. Nozomi Networks proved to us that their non-intrusive in-depth technology was able to substantially improve the reliability, efficiency, and cyber security of our remote control system.”
Federico Bellio, Enel’s Head of Power Generation Remote Control System
Armed with an outstanding track record of matching technical capabilities to market needs, Edgard Capdevielle has been a rainmaker in security, data center and cloud storage for many years. He is often invited to share his unique insights as a keynote speaker and panelist at industry and cyber security conferences worldwide. As CEO of Nozomi Networks, Edgard is deeply committed to protecting our critical infrastructure from escalating threats, and helping industrial organizations address their complex network visibility and cyber security challenges.