OUR SOLUTIONS
Cybersecurity is vital to the safety and security of our nation’s critical
infrastructure. Increasing reports of unauthorized access into the
Information Technology (IT) and Operational Technology (OT) systems of
midstream oil and gas companies have prompted regulatory bodies to enact new
requirements onto the owners and operators of oil, natural gas, liquified
natural gas, and other hazardous liquid pipelines or facilities.
Ransomware attacks have become big business for cyber criminals, and for
industrial control systems (ICS) there is the possibility of much greater
consequences when a breach occurs. Malicious attacks on an ICS can lead to
loss of production, damage to physical assets, environmental damage, unsafe
conditions for operators, and putting public health and safety in jeopardy.
Now is the time to seriously evaluate vulnerabilities and fortify
cybersecurity practices.
COMMON CYBERSECURITY CHALLENGES FOR MIDSTREAM OIL AND GAS COMPANIES:
- Volume of legacy control systems in need of modernization
- Constant stream of known vulnerabilities to specific ICS components
-
Lack of IDMZ (Industrial De-Militarized Zone) between Enterprise IT & OT
networks
- Significant financial impact from process downtime
-
Difficulty in operating process control systems if network connectivity to
the outside is lost
-
Logistical challenges in securing and monitoring access to remote sites
-
Inherent vulnerability in using third-party, wireless telecommunication
networks for remote sites
-
Proliferation of ransomware attacks on enterprise IT networks that put OT
networks at risk
WHY EN AUTOMATION IS THE TRUSTED NAME IN MIDSTREAM SYSTEMS INTEGRATION:
-
Automation engineers with extensive experience in midstream pipeline and
facilities operations
-
Field veterans who understand the consequences of interrupting live
control systems
- Subject matter experts in OT network design and implementation
-
Experience applying best practices for ICS cybersecurity and following
regulatory compliance
- Established, long-term industry partnerships
- Expertise across a wide variety of hardware and software platforms
- Nationwide base of professional integrators
-
Effective facilitators with experience coordinating at all levels of a
client organization
An added advantage of collaborating with EN Automation is the facilitation
between engineering and IT to develop OT-specific risk controls such as
incident response plans, specifying supply-chain requirements for product
and service vendors, change management, network standards, and policy for
user access control. EN Automation also offers ongoing support for
regulatory compliance, internal and external audit preparation, on-call
field support, staff augmentation, workshop facilitation, and more services
including:
- Evaluation of current practices and resource utilization
-
Delivery of roadmap to adopt best practices and improve ICS cybersecurity
posture
-
Creation or validation of OT system inventory and comprehensive control
system documentation
-
Risk awareness communication at all levels of the organization through
scenario-based tabletop exercises
-
Detailed risk assessment including threat and vulnerability analyses, and
collecting relevant threat intelligence
-
OT network architecture design/re-design for proper segmentation, remote
access, firewall rules, virtualization, and the use of secure public and
private cloud services
-
Cyber and safety focused process hazard analysis (PHA) facilitation for
new/upgraded systems
-
Prioritized recommendations, planning, and implementation of OT asset
hardening and remediation
-
Implementation of OT network monitoring and continuous threat detection
systems
- OT cybersecurity awareness and response training
EN Automation is an established systems integrator with extensive midstream
experience, and the right partner for your cybersecurity maturity journey.
Contact us today to set up a cybersecurity consultation.