Intelligent CIO Kuwait Issue 4 | Page 43

SECURITY SPOTLIGHT sites have at least one direct connection to the Internet. In addition, 84% have at least one remotely accessible device and 16% of sites have at least one wireless access point. “There are no compliance regulations obliging oil and gas facilities to report breaches, but we can assume there have been many more breaches than the TRITON attack,” said Neray. “There could be various motivations for attacks on such infrastructure – nation state attacks carried out for political considerations; ransomware attacks; hacktivists objecting to policies or drilling activities; or even attacks designed to steal intellectual property.” With oil and gas installations a significant and potentially lucrative target, attackers are likely to increasingly turn their attention to these facilities, particularly as plants modernise their infrastructures with new, connected IoT and automation systems. www.intelligentcio.com While basic cybersecurity approaches such as patching, encryption and up-to-date AV are necessary in the OT environment, standard out-of-the-box IT network security devices are not effective in industrial facilities, according to Neray. “ THERE ARE NO COMPLIANCE REGULATIONS OBLIGING OIL AND GAS FACILITIES TO REPORT BREACHES. “Industrial cybersecurity requires specialised solutions, since OT systems use unique protocols and non-standard operating systems,” he said. “Industrial cybersecurity systems also need embedded Machine Learning and behavioural analytics to understand routine M2M traffic patterns and detect suspicious activity.” Neray says oil and gas organisations are taking the increased cyber-risk seriously, and are now moving to address vulnerabilities, but that more urgency is needed. “Cyber-risk at OT level is a business risk,” added Neray. “A danger for management teams is that some tend to think of cybercrime as a technical issue rather than as a business risk issue. But cybercrime has the potential to cause millions of dollars in losses, environmental damage, human safety risk, as well as downtime, brand impact, compliance issues and loss of intellectual property.” n INTELLIGENTCIO 43