With quantifying and mitigating cyber and operational risk now becoming a board-level priority, oil & gas asset owners are beginning to craft long term risk reduction strategies. To truly mitigate operational and safety risk, oil & gas companies need to fully understand the threats to their OT networks and their origin. One offshore drilling contractor quickly recognized that the first step towards reducing risk was to review potential vulnerabilities on its extensive rig networks.
Early focus of the project was centered on finding and training qualified personnel to map the network and to establish a strategy to protect it. The operational technology (OT) cybersecurity team was tasked with identifying all the existing assets in the network and assessing what the risk levels were. The team’s leader quickly realized that this manual process was an enormous task and that an alternative approach was required. This original initiative risked taking a considerable amount of time, and threats could go unnoticed in such a vast operation connecting multiple oil rigs and offices around the world during that time.
If the team was not going to manually map the control system networks, then how were they going to do it? A different solution was required to accelerate the process. It was ultimately decided that they would implement an OT network monitoring tool. Although deploying this type of technology is widely used in the utility industry, it is still relatively uncommon in the offshore drilling industry. However, centralized oversight was required for an expansive and complex network.
The right tool would be able to keep track of all the devices connected to the network, identify any deviations in the normal baseline of network traffic, and archive the data for future reference. When going through the proof of concept (PoC) and vetting of vendors, the results gave improved visibility into the rig’s critical systems. This provided an initial understanding of how deploying an OT network monitoring tool could help reach the goal of deeper visibility and how this information would prove incredibly valuable in reducing cyber and operational risk. The PoC also proved vital in providing an accurate budget for the project.
Because of the deployment of newer technology on a brownfield site, the company had to strategize on how the operational impact from these changes would be mitigated. A shared concern across the collective oil & gas industry is how implementing any new technology might impact operations and safety and if it will require any design changes. It’s important to find a solution that doesn’t require significant investment in infrastructure, is intuitive, and can be delivered as a turnkey project.
During this project, the company was not just architecting for one control system, multiple control systems throughout the global fleet required monitoring. Everything from the blow out preventer (BOP) to the dynamic propulsion systems (DPS) that prevent the rig from moving off the well head had to be monitored. Since it was not practical to have a sensor on every system, the hardware was strategically placed on choke points in the vessel’s network. The figure below provides a typical illustration of the network monitoring sensor placements for a rig network.
Once the OT network monitoring solution was up and running, unprecedented visibility into process data was available. Not only could cyber risks such as the presence of vulnerabilities on a specific device be identified, but also operational risks, like out of range process values.
A critical requirement for a project like this is a strategic partnership between vendor and client. The cyber landscape is constantly evolving, so it’s critical to partner with a cybersecurity company that will provide long-term support for software, outstanding customer service and a high level of expertise. The value provided by Forescout’s OT network monitoring tool has assisted them in implementing an enterprise-wide risk mitigation strategy. This case study in OT cybersecurity risk management is an excellent model for how the collective oil & gas industry can reduce cyber and operational risk.
To learn more about how OT network monitoring empowers cybersecurity and risk managers in the oil & gas industry with better visibility, check out the case study below or visit us at booth #308 during the API Cybersecurity Conference.