October 2, 2024

OT Cybersecurity: Critical Risk Mitigation

Segmenting an oil and gas client's corporate network to protect its OT from critical cybersecurity threats.

Overview

InnoTech Engineering Inc. assessed an oil and gas facility’s OT cybersecurity and found issues with firewall segmentation, outdated antivirus software, and no backup policy. They addressed these by implementing updated firewalls, antivirus software, and a comprehensive backup and recovery policy. These measures significantly improved the facility’s security, ensuring better protection against data breaches and operational disruptions. Continuous monitoring and updates remain essential to address evolving cyber threats.

Situation

Operational Technology (OT) cybersecurity vulnerabilities are often not apparent on the surface, yet they can cause the greatest disruptions in a facility. Disruptions can lead to operational downtime, causing loss of revenue, and to data leaks, causing loss of trust. InnoTech Engineering Inc. (InnoTech) conducted a Current State Assessment (CSA) on a client’s oil and gas facility, which revealed some security vulnerabilities in the client’s network design.

The CSA revealed that the client’s facility had:

Inadequate firewall segmentation
Outdated antivirus software and patches
No backup and recovery policy

So what?

Firewall segmentation – Fight against network freedom with firewalls

Proper firewall segmentation ensures that network access is limited to the correct traffic only, safeguarding data and assets from unauthorized access and intrusion. Consider a museum with different exhibit entrances that can all be accessed using the same key. A staff member who is only authorized to access the antiques wing could potentially open the animal wing and expose the whole museum to a parade of wild animals. By creating separate keys and locks for each entrance, only authorized personnel will enter the respective areas. Implementing OT firewalls to segment different networks allows you to rest assured that one system’s users and potential problems remain separate from another’s.

Outdated software and patches – Not the day to be outdated

The longer OT system software and patches have been in use, the more time potential hackers have to learn where the “chinks in the armour” are. Software specialists focus on finding these vulnerabilities and mitigating them through software updates. By keeping the system up to date, there is a higher likelihood that the system will not be breached.

No backup and recovery policy – No policy? That’s a problem.

Proper backup and recovery for system data ensures that, in the event of a data breach, the system data can be found and recovered. Doing backups infrequently or not at all is like gambling with a facility’s critical data. Creating a policy that outlines the processes and who is responsible for them ensures a lower chance of data loss.

Why InnoTech?

As a trusted partner of the client and an adept OT consulting company, InnoTech offered to conduct a CSA on the client’s facility. This proved highly advantageous as there were discrepancies the team was able to identify and help mitigate.

What happened and what were the results?

The InnoTech team created a backup and recovery policy that outlined which hosts are to be backed up, storage locations, frequency and schedules, and standards for staff. The latest antivirus software and most recent vendor patches were tested prior to the final install. This was to ensure that they were compatible with the client’s system and wouldn’t cause any unforeseen system disruptions. Then, the firewalls were installed and configured for the system.

Now the client can rest assured that their system is safer from malicious threats and breaches. They can trust that the policy and processes will help to keep their system monitored, updated, and secured.

For now.

Cybersecurity is an ongoing process that needs to be revisited consistently; you never know what new threat is waiting just around the corner.

DISCUSSION QUESTIONS

Have you recently checked that your OT system software is up to date and is currently supported by the vendor?

Is your OT network segmented from your enterprise network and Internet, or is your system open to data breaches from all sides?
