DYNAMIC POSITIONING CONFERENCE
OCTOBER 9‐11, 2017
TESTING/RISK
Cybersecurity in the Oil and Gas Industry – What’s Here and What’s Coming
Aarushi Goel, GoDaddy
Why is security of O&G a concern?
List of Top 16 Critical Infrastructures
Critical Infrastructures
* Chemical Sector
* Communications Sector
* Critical Manufacturing
* Commercial facilities
* Dams Sector
* Defense
* Emergency services
* Energy
* Financial Services
* Food and Agriculture
* Healthcare
* IT sector
* Government Facilities
* Nuclear reactors
* Transportation system
* Water management
Ability to use Big Data and other leading data analytics techniques for
◦ Predictive analysis and data modelling
◦ Achieving business goals
◦ Real time data analysis and data mining
Remote access to Offshore Rigs and Ships
◦ Reduced downtimes in case of technical failures
◦ Reduced human risk
◦ Reduced cost and time
* Plant shutdown
* Equipment damage
* Utilities interruption
* Production cycle shutdown
* Inappropriate product quality
* Undetected spills
* Safety measures violation resulting in injuries and even death
UPSTREAM
* Drilling and production
* Tradeoffs in Efficiency vs Security
* Technical set up of ICS
MIDSTREAM
* Disruption of supply
* Undetected spills
* Illegal pipeline tapping
* Attacks on maritime transport
DOWNSTREAM
* Unauthorized access to refineries
* Accessibility of refinery data
* Violation of industry regulations
Five Main Stages Of NIST Framework
* IDENTIFY (ID)
* PROTECT (PR)
* DETECT (DE)
* RESPOND (RS)
* RECOVER (RC)
ASSET MANAGEMENT
- Physical devices
- Software & Applications
- Roles & Responsibilities
BUSINESS ENVIRONMENT
- Organizational mission and objectives
- Role in Supply Chain
- Dependencies and Critical functions
GOVERNANCE
- Info security policy
- Security roles & responsibilities
- Legal & Regulatory requirements
RISK ASSESSMENT
- Asset vulnerabilities
- Threats are identified
- Business impacts and likelihood
- Risk Responses
RISK MANAGEMENT
- Risk Management strategy determines
- Organizational Risk Tolerance
Access Control
• Identities & Credentials
• Physical and Remote access
Awareness and Training
• Security training
• Training corresponding to each security level
Data Security
• Software applications to protect data
• Development around Confidentiality, Integrity and Availability is focused
Information Protection Processes and Procedures
• Backups
• Data destroy policy
• Data transfer policy
Maintenance
• Maintenance of hardware and software assets
• Logging
Protective Technology
• Periodic auditing
• Communications & Control Systems protected
Anomalies and Events
• Baseline of N/W operations
• Detected events analyzed
• Event data are aggregated and correlated from multiple sources
• Impact of events is determined
Security Continuous Monitoring
• Network continuously monitored to detect attacks
• Monitoring for unauthorized personnel, connections, devices, and software is performed
• Vulnerability scans
Detection Processes
• Roles and responsibilities for detection
• Detection processes are tested
• Event detection information is communicated to appropriate parties
Response Planning
• Response plan is executed during or after an event
Communications
• Events are reported, personnel know their roles, coordination with stakeholders
Analysis
• Incident anomalies are investigated, forensics are performed, incidents categorized for responses
Mitigation
• Incidents are mitigated, incidents are documented for future
Improvements
• Response plans incorporate lessons learned, response strategies are updated
Recovery Planning
• Recovery plan is executed during or after an event
Improvements
• Recovery plans incorporate lessons learned
• Recovery strategies are updated
Communications
• Reputation after an event is repaired
• Public relations are managed
• Recovery activities are communicated to internal stakeholders
Baseline measurement
Target Measurement
Identify and prioritize opportunities for improvement
Assess progress towards the target state
Communicate to stakeholders
Risk Assessment Matrix (RAM)
Adopt Cybersecurity measures to achieve business objectives
Tighten the security of any O&G organization using NIST Security framework
Not a technical framework, can be embedded into the current architecture of any organization
Protect your Facility from the New Wave of Security Threats