October 2, 2024

OT Cybersecurity: Critical Risk Mitigation

Segmenting an oil and gas facility’s corporate network to protect its OT from critical cybersecurity threats.

Overview

InnoTech Engineering Inc. assessed an oil and gas facility’s OT cybersecurity and found issues with firewall segmentation, outdated antivirus software, and no backup policy. They addressed these by implementing updated firewalls, antivirus software, and a comprehensive backup and recovery policy. These measures significantly improved the facility’s security, ensuring better protection against data breaches and operational disruptions. Continuous monitoring and updates remain essential to address evolving cyber threats.

Situation

Operational Technology (OT) cybersecurity vulnerabilities are often not apparent on the surface, yet they can cause the greatest disruptions in a facility. Disruptions can lead to operational downtime, causing loss of revenue, and to data leaks, causing loss of trust. InnoTech Engineering Inc. (InnoTech) conducted a Current State Assessment (CSA) on a client’s oil and gas facility, which revealed some security vulnerabilities in the client’s network design.

The CSA revealed that the client’s facility had:

Inadequate firewall segmentation
Outdated antivirus software and patches
No backup and recovery policy

So what?

Firewall segmentation – Fight against network freedom with firewalls

Proper firewall segmentation limits network access to the correct traffic, safeguarding data and assets from unauthorized access and intrusion. Imagine a museum where staff can access different exhibit entrances using the same key. A staff member with authorization only for the antiques wing could open the animal wing instead, potentially exposing the entire museum to a parade of wild animals. By creating separate keys and locks for each entrance, only authorized personnel will enter the respective areas. Implementing OT firewalls to segment different networks allows you to rest assured that one system’s users and potential problems remain separate from another.

Outdated software and patches – Not the day to be outdated

The longer OT system software and patches have been in use, the more time potential hackers have to learn where the “chinks in the armour” are. Software specialists focus on finding these vulnerabilities and mitigating them through software updates. Keeping the system up to date makes it less likely that the system will be breached.

No backup and recovery policy – No policy? That’s a problem.

Proper backup and recovery for system data ensures that, in the event of a data breach, the system data can be found and recovered. Doing backups infrequently or not at all is like gambling with a facility’s critical data. Creating a policy that outlines the processes and who is responsible ensures a lower chance of data loss.

Why InnoTech?

As a trusted partner of the client and an adept OT consulting company, InnoTech offered to conduct a CSA on the client’s facility. This proved highly advantageous as there were discrepancies the team was able to identify and help mitigate.

What happened and what were the results?

The InnoTech team created a backup and recovery policy that outlined which hosts were to be backed up, storage locations, frequency and schedules, and standards for staff. The latest antivirus software and most recent vendor patches were tested prior to the final install. This was to ensure that they were compatible with the client’s system and wouldn’t cause any unforeseen system disruptions. The team then installed the firewalls and configured them to the system.

Now the client can rest assured that their system is safer from malicious threats and breaches. They can trust that the policy and processes will help to keep their system monitored, updated, and secured.

For now.

Organizations must make revisiting cybersecurity an ongoing process because new threats can emerge at any moment.

DISCUSSION QUESTIONS

Have you recently checked that your OT system software is up to date and is currently supported by the vendor?

Is your OT network segmented from your enterprise network and Internet, or is your system open to data breaches from all sides?
