What is the Current State of Cybersecurity in the Oil & Gas Industry?
How is cybersecurity viewed in your organization? Do you feel like your company is well-positioned against cyber threats in your Operational Technology (OT) areas? Is there acknowledgement that as more things and people are connected, that cyber risk will increase?
These are just a few of the questions posed by Cisco’s technology and security experts to leading individuals in the oil and gas industry at the Future Downstream Automation Summit and Future Well Site Automation Summit held September 11th and 12th respectively in Houston, TX.
Cisco was happy to lead roundtable discussions on industrial security at these events since many of the oil and gas operators we work with on a day-to-day basis view cybersecurity as a growing threat and a top barrier to realizing the value of the Industrial Internet of Things (IIoT). And this threat is increasing as reports show that attacks aimed at critical and industrial system are becoming more effective and more common.
Industrial systems and networks exist in all major oil and gas sectors, and play a critical role in operations for drilling, production, pipeline transport, refining and processing. As the business demands more data and more remote monitoring of these assets, new attach surfaces emerge.
The risk to oil and gas operators from cyber-attacks is broad and business-impacting:
- Employee health and safety
- Production uptime and availability
- Intellectual property theft and ransomeware
- Costs for remediation, compliance fines, and reputation damage
Industrial control (ICS) and supervisory control and data acquisition (SCADA) systems in OT networks are inherently vulnerable due to their use of proprietary hardware and software, with little to no security built into aging legacy production networks. This vulnerability is increasing as companies implement IIoT capabilities across their production assets and connect these assets to higher-level enterprise applications.
As discussed during this week summits, to mitigate these risks industrial systems need foundational capabilities which many don’t have today including:
- Visibility and baselines
- Security at touchpoints for people and their devices, and
- Tools that enable and inform a rapid incident response process
Cisco’s cybersecurity portfolio provides solutions for our customers across all these areas. Additionally, Cisco has the infrastructure expertise, services, and strategic partnerships needed to secure business IT and operations, spur faster decision making, and enable new business models without compromising reliability, security, or network response time.
Visit https://www.cisco.com/go/oilandgas or contact your Cisco representative for additional details as you ask yourself, “What is the current state of cybersecurity in my operation?”