In a recent post, we discussed the growing cybersecurity threat faced by oil and gas companies as they increase their use of Internet of Things (IoT) devices, machine-to-machine (M2M) communications, and supervisory control and data acquisition (SCADA) systems. The “high-tech oilfield” relies on these tools to transmit data from pipelines and equipment to central operations centers, where analytics tools are used to detect potential problems and safety concerns. This convergence of operational technology (OT) and information technology (IT) dramatically increases the risk of a security breach.
Our post was based upon an Associated Press report of a spike in security breaches targeting oil and gas companies operating along the Texas Gulf Coast. Now a new study by the Ponemon Institute shows how pervasive the problem is and suggests that energy companies may not be doing enough to address cybersecurity risks.
For its report, The State of Cybersecurity in the Oil and Gas Industry: United States, the Ponemon Institute surveyed 377 people who are responsible for securing or overseeing cyber risk in the OT environment. Most respondents described their organization as being in the early to middle stage of maturity with respect to OT cyber readiness. Just 35 percent of respondents rated their organization’s cyber readiness as high. Sixty-one percent said their organization has difficulty mitigating cyber risks across the oil and gas value chain, from exploration and production through transportation, processing, distribution and sales.
Fifty-nine percent of respondents believe there is a greater risk in the OT environment than the IT environment, and 61 percent said the cybersecurity measures protecting their organization’s industrial control systems are inadequate. Not surprisingly, 68 percent said they have experienced at least one security breach in the past year, resulting in the loss of sensitive information or OT disruption.
Eighty percent of respondents said that insider threats are the No. 1 risk: 65 percent are most concerned about negligent or careless insiders, while 15 percent are worried about malicious or criminal insiders. Both threats can be mitigated through the use of advanced monitoring solutions capable of spotting suspicious user behavior. However, only 41 percent of respondents said they continually monitor the OT infrastructure to detect threats and attacks.
Survey respondents identified the following technologies as “very effective” in mitigating risk:
- user behavior analytics (63 percent)
- hardened endpoints (62 percent)
- encryption of data in motion (62 percent)
However, the security technologies that are considered most effective aren’t extensively deployed. Asked which technologies they plan to use within the next 12 months, only 48 percent said they will encrypt data in motion, only 39 percent will deploy hardened endpoints, and only 20 percent will adopt user behavior analytics.
SageNet has specific expertise in the energy sector, and a practice dedicated to cybersecurity. Our team can help oil and gas companies develop a security and risk management strategy, select and deploy the right security tools, and effectively monitor the IT and OT environment to detect and respond to threats.
The Ponemon survey indicates that cybersecurity measures in the energy sector aren’t keeping pace with the growth of digitalized operations and the rise of threats targeting the OT environment. SageNet can help oil and gas companies implement sensible measures that improve cyber readiness and help prevent a potentially devastating breach.