Oil & Gas Producer Deploys Global ICS Security Program
Read how this oil & gas operator built cyber resiliency by deploying a global, risk-based ICS security program.


Challenges
- Visibility and monitoring at the field level
- No inventory of operations or field assets
- Detecting, preventing and remediating attacks

Results
- Detailed asset inventory to detect, prevent and remediate cyberattacks
- Deepened ability to monitor ICS network activity
- Improved anomaly detection to prevent cybersecurity and process incidents before they occur
The Customer: An International Oil & Gas Producer
This integrated oil & gas producer operates in the United States, Latin America and Middle East and has more than 11,000 employees.
How Does an International Oil & Gas Producer Achieve Visibility and Monitoring at the Field Level?
In 2017, Accenture Security began working with an international oil and gas producer to evaluate global cyber risks to its operational assets. The ultimate goal: define, design, develop and deploy a fit-for-purpose, risk-based industrial control systems (ICS) security program.
The company first proposed a six-week contract for Accenture Security to work with its new ICS security lead and provide guidance and strategies for managing ICS security. After evaluating the initial results, the client’s executive team asked Accenture to continue; the six-week contract became a multi-year, end-to-end global security project.
With oil and gas facilities distributed across three continents and no inventory of its operations and field assets, the company lacked device visibility and monitoring at the field level. This made it a challenge to assess the security posture of its facilities, and to quickly detect, isolate, prevent, repel, and remediate attacks.
Nozomi Networks and Accenture Combine Industry Experience with the Right Technology
Employing its experience with large ICS security programs, Accenture Security first outlined a plan to implement an end-to-end solution that would increase operational visibility, cybersecurity and resilience. As a result, the client would accelerate and deepen its ability to anticipate, mitigate and if necessary, recover from attacks without safety or business impacts.
One critical step in the process was for Accenture and the oil and gas producer to identify technology that would enable visibility and enhance cybersecurity. This wasn’t difficult: the producer’s IT/OT team had seen several demonstrations of Nozomi Networks’ operational visibility and cybersecurity solution – and had been impressed. Thus, they asked the Accenture team about folding Nozomi Networks Guardian solution into the broader cybersecurity program under development.
Accenture was well aware of the advantages of the Nozomi Networks solution. In 2018, the two organizations announced a partnership under which Accenture Security would bundle Nozomi Networks’ deep network visibility and real-time ICS cybersecurity products with its threat-hunting services to create a comprehensive, converged IT/OT security solution.
Globally, more than 70 Accenture Security consultants have been trained as Certified Nozomi Networks Engineers, a number that continues to grow. The Nozomi Networks Guardian solution was also deployed at the Accenture Innovation Center OT Cyber Range in Houston, Texas, a learning hub where companies can test leading solutions against live threat scenarios.
Accenture and the oil and gas client were also confident that the Nozomi Networks solution would integrate smoothly into its end-to-end solution and could automate the creation of a detailed asset inventory. In addition, the synergy between Nozomi Networks and Accenture meant a faster rollout and accelerated protection.
Accenture's specialized OT team rolled the solution out to 23 North American sites in Q4 2018. An additional 23 sites were added in Q1 2019, with expansion to other continents planned throughout 2019 and 2020.
Real-time Operational Visibility & Enhanced Cybersecurity
With multiple Guardian sensors deployed and the Accenture-designed solution in place, the oil and gas company now has the ability to rapidly detect and mitigate threats to ICS systems and process reliability and cybersecurity.
Additionally, they now have a global and automated asset inventory with detailed device information including traffic throughput and TCP connections and real-time regional and global ICS network visualization.
Furthermore, they achieved scalability across hundreds of assets on three continents with flexible, cost-effective deployment options for varying facility sizes and requirements. The oil and gas company now has the ability to rapidly detect and mitigate threats to ICS systems, process reliability and cybersecurity.
Read more customer stories

Enel Secures their Global Power Generation Network

Protecting the 2024 Paris Olympics Critical Infrastructure from Cyber Threats
