DYNAMIC POSITIONING CONFERENCE OCTOBER 9‐11, 2017 TESTING/RISK Cybersecurity in the Oil and Gas Industry – What’s Here and What’s Coming Aarushi Goel GoDaddy
Chem emica ical Sector Water Communications managem emen ent Sect ector Transpor portation on Critical system Manuf ufactur uring Why is security of Commercial Nuclea clear react ctors facilit ilities es O&G a concern? Critic ical l Gover ernmen ent Dams Sector or Infra rastru ructure res Facilities List of Top 16 Critical Infrastructures IT s IT sect ector Defens nse Emergency Healt lthca care services Ener En ergy Food d and d Agricu icult lture Financia cial l Services ces
Ability to use Big Data and Other leading data analytics techniques for ◦ Predictive analysis and Data modelling ◦ Achieving business goals ◦ Real time data analysis and data mining Remote access to Offshore Rigs and Ships ◦ Reduced downtimes in case of technical failures ◦ Reduced Human risk ◦ Reduced Cost and Time
Plant shutdown Equipment damage Utilities interruption Production cycle shutdown Inappropriate product quality Undetected spills Safety measures violation resulting in injuries and even death
DOWNSTREA EAM MIDSTREA EAM UPSTR TREA EAM * Unaut utho horized access s to * Drillin illing and producti tion * Disruption of suppl ply refiner eries es * Tradeof offs in Effici ciency cy vs * * Undet etec ected ed spills * Accessibility ity of refin inery data ta Secu curi rity * Illegal l pip ipelin ine tapping * Viola lati tion of industr try * Technic ical l set t up of I f ICS * Attack cks on m marit ritime t transport ort regula latio tions
IDE DENTIFY FY(ID) D) PROTECT( CT(PR) R) Five Main Stages Of NIST Framework DE DETECT(DE) RESPOND(RS) RS) RECOVE VER( R(RC) RC)
BUSINE NESS S ENVIR IRONME MENT - Physical devices - Organizational mission - Info security policy - Software & Applications and objectives - Security roles & - Roles & Responsibilities - Role in Supply Chain responsibilities - Dependencies and - Legal & Regulatory Critical functions requirements ASSE SSET MANAGE AGEMENT GOVERN RNANCE NCE - Risk Management - Asset vulnerabilities strategy determines - Threats are identified - Organizational Risk - Business impacts and Tolerance likelihood - Risk Responses RI RISK SK RISK RI SK MANAGE AGEMENT ASSESSM SSMENT
Ac Access ess Awareness Data S Securit rity y Inf nfor ormati tion Mainte tena nanc nce Prot otecti tive Contr trol ol and Training Prote tection on Technol nolog ogy • Software • Maintenance of Pro rocesses a and d applications to hardware and • Identities & • Security training • Peri riod odic protect data software assets Proced edures es Credentials auditin iting • Training • Development • Logging • Physical and corresponding • Communications • Backups around Remote access to each security & Control • Data destroy Confidentiality, level Systems policy Integrity and protected Availability is • Data transfer focused policy
Anomalies and Events Security Continuous Detection Processes Monitoring • Roles and • Baseline of N/W • Network continuously responsibilities for operations monitored to detect detection attacks • Detected events • Detection processes analyzed • Monitoring for are tested unauthorized • Event data are • Event detection personnel, aggregated and information is connections, devices, correlated from communicated to and software is multiple sources appropriate parties performed • Impact of events is • Vulnerability scans determined
Respons onse Response plan is executed during or after an event Plann nning ng Events are reported, personnel know their roles, Comm ommuni nication ons coordination with stakeholders Incident anomalies are investigated, forensics are An Analysis s performed, Incidents categorized for responses Incidents are mitigated, incidents are documented Mitigation for future Response plans incorporate lessons learned, Improvements Response strategies are updated
Recovery P y Planni nning ng • Recovery plan is executed during or after an event Improv ovemen ents Communi unications ns • Recovery plans incorporate lessons • Reputation after an event is repaired learned • Public relations are managed • Recovery strategies are updated • Recovery activities are communicated to internal stakeholders
Baseline measurement Target Measurement Identify and Risk Assessment Matrix (RAM) Prioritize opportunities for improvement) Assess progress towards the target state Communicate to stakeholders
Adopt Cybersecurity measures to achieve Prote tect y t your r Facil ilit ity f from rom business objectives the N e New ew Wav ave e of Se of Securi rity Tighten the security of any O&G Threat Th eats organization using NIST Security framework Not a technical framework, can be embedded into the current architecture of any organization
https://www.northstudio.com/sites/default/files/inline-images/security-lock.jpg http://www.dts-solution.com/category/oil-and-gas-sector/ https://farm2.staticflickr.com/1505/25865370540_6bc7d43309_b.jpg https://simplecore.intel.com/insight-tech/wp-content/uploads/sites/45/2017/07/LannerFig1.png https://energyhq.com/app/uploads/2017/04/17OER10973_EHQ_Up-Mid-Downstream_Infographics_Progression_- 1.jpg http://img.thedailybeast.com/image/upload/v1492111436/articles/2016/07/09/the-terrifying-u-s-israeli-computer- worm-that-could-cause-world-war-iii/160707-stern-zero-days-embed-1_kbcwgo.jpg
Recommend
More recommend
