Hardening Oil and Gas Infrastructures from Physical Threats and Cyberattacks
As we enter a new year, I’m seeing many changes in the oil and gas industries. Producers are positioning themselves to embrace IoT and new devices to upgrade their existing remote pad sites and facilities. However, protecting new systems and devices isn’t without challenges. Cybersecurity is a major concern and protecting against cyberthreats is obviously essential in this transformation.
Late last year we conducted a webinar with our technology partner Razberi Technologies. This blog will review and analyze some findings from that webinar on why oil and gas must cyberharden IoT devices at the edge and what solutions make this viable. I want to thank Mig Paredes, Director of Strategic Alliances, for his contribution to this post.
The oil and gas industry has survived many booms and busts, but security concerns are a constant. From upstream to midstream to downstream, safeguarding critical energy assets is becoming increasingly complex. This is especially true as once-isolated industrial control systems (ICS) and other infrastructure become more interconnected and IT-oriented.
During our webinar, we outlined security threats and vulnerabilities facing the industry and provided best practices and solutions to mitigate the risks. The list of dangers and challenges is long and growing. They include:
- Vandalism and theft of both equipment and data
- Production interruptions and plant shutdowns
- Pipeline, tank and oil rig platform leaks
- Isolated/remote perimeter locations with limited networking capabilities
- Need for high-quality, emerging monitoring applications
- Cybersecurity attacks
Cyberattacks in particular is worrisome for security professionals simply because the more these sites store critical information on and communicate over a network, the more exposed they become to cybercrime.
Just how serious is cybersecurity in critical infrastructure? Consider that:
- Seventy percent of those who attended our webinar revealed that cyberthreats to their organizations are increasing.
- Over 40 percent of energy companies admit to experiencing some kind of cybercrime over the past few years, according to Sia Partners, a management consulting firm.
- In a study of 377 individuals in the U.S. who are responsible for overseeing or securing cyber-risk in the operational technology environment, nearly 70 percent revealed that cyber-risks to ICP has increased dramatically over the past few years. Sixty one percent revealed their systems are not adequately protected.
- In their 2018 state of the industry report on cybersecurity, Kasperky Lab, a multinational cybersecurity and anti-virus provider, revealed that of 320 worldwide professionals with decision-making power on OT/ICS cybersecurity, 65 percent noted that increased use of IoT devices makes their organizations more vulnerable to cybersecurity attacks.
Protecting the critical infrastructure industry
How can physical security and IT professionals better protect their assets and minimize the damage that both costs the industry millions of dollars and risks lives? Clearly, surveillance is critical for securing oil and gas infrastructure, but this often must be done without a locally situated resource. The growth in IP-based cameras and other IoT devices makes it possible to monitor sites remotely, but it could obviously expose organizations if cybersecurity isn’t taken seriously.
The problem is many physical security professionals don’t have the level of knowledge, budget or staff to properly install, maintain and monitor all of their surveillance devices. According to the same report by Kasperky Lab, the top challenges to managing operational technology (OT)/ICS cybersecurity are hiring employees with the right skills, increasing risks due to increasing integration with new IoT ecosystems, securing new IoT systems, finding dependable partners for implementing ICS cybersecurity solutions and increasing interconnectedness with corporate/enterprise IT.
Here are a few recommendations we presented in our webinar on how to secure oil and gas infrastructures from both physical and cyberthreats:
Understand the threat landscape: Organizations must analyze their security needs by knowing each site’s layout, critical equipment and lighting. This will ensure investment in the right monitoring equipment, ideally with built-in security protections. For example, a gas wellhead has several failure points that can be monitored by visible and thermal cameras. Verification of a failed seal remotely will save time and money.
Automate best practices: Security professionals must be able to harden all video cameras and IoT endpoints as well as configure firewalls around these networks. Automation ensures that cybersecurity best practices, such as these, are done correctly and at scale, saving hours of time spent manually performing hundreds of unfamiliar security tasks.
Other best practices that can be automated include locking down exposed network connections (reducing access to IP-based ICS), implementing security configurations and 24/7 health and cybersecurity monitoring of devices.
Centralize threat reporting: Consider centralizing the health and cybersecurity reporting and alerts from cameras and other IoT devices. The convergence of these under a single display within a video management software platform offers security personnel greater flexibility to quickly investigate and fix issues as well as address incidents.
For more information on the risks, vulnerabilities, and threats to the oil and gas industry, as well as security best practices, view our 30-minute webinar on demand.