Font Size

- Aa +

Thu 19 Sep 2019 11:36 AM

Font Size

- Aa +

The biggest oil and gas threat isn't drones. It's cyber

Brand View: With almost 50 percent of all cyber attacks in the Middle East directed at energy companies that generate most of the region's income, security of computers and other digital networks is critical

The biggest oil and gas threat isn't drones. It's cyber

Middle East oil and gas companies are attacked on a daily, perhaps even hourly, basis. Few make headlines or cause explosions. These agressions are purely virtual.

With almost 50 percent of all cyber attacks in the Middle East directed at the energy companies that generate most of the region’s income, security of computers and other digital networks is critical.

Cyber security breaches in the region are widespread and frequently undetected, with 30% of attacks targeting operational technology (OT), according to a study by Siemens and Ponemon Institute. Two-thirds of respondents in the study’s survey experienced at least one security compromise resulting in unrestricted information loss or operational disruption in the OT environment in the past year.

Intrusions have traditionally targeted Information Technology (IT) environments such as PCs and workstations. But with more digitalization and the convergence of IT and OT, there is a new threat to confront as industry gets more connected.

While companies in the region have begun to invest in protecting their assets from cyber threats, more needs to be done. Oil and gas producers in the Middle East dedicate only a third, on average, of their total cyber security budget to securing the OT environment. This suggests that organizations are not aligning their cyber investments with where they are most vulnerable.

Securing this infrastructure requires new solutions and partners who have the expertise in everything from sensors and software to the pumps, transformers and other equipment used in the industry.

To secure OT infrastructure, Siemens developed a four step approach:

  • Intrusion detection: Siemens uses artificial intelligence and unsupervised machine learning to create a baseline for normal behavior of the network’s communication. The company then passively monitors the entire network and determines anomalies in real time, without configuration or pre-set conditions.
  • Assessment: Siemens inspects and monitors the asset to determine weaknesses or threat gaps within the OT network and among its component systems. Implementing appropriate security could include imposing one-way communication with information flowing only out from an asset.
  • Automation: Siemens makes sure the latest software and hardware updates are available and installed for the entire automation system
  • Finally, Siemens ensures that in the case of any security incident, there is a plan in place to get the plant back online as soon as possible.

To protect critical infrastructure, oil and gas companies in the Gulf Cooperation Council must accerlerate the implementation of cyber security controls, starting with connecting their critical assets to fully benefit from digitalization. By using the technology underpinning the fourth industrial revolution, the industry will be able to monitor and confront attacks on their infrastructure, in real time.

Ziad Al-Sati, Head of Controls & Digitalization for MENA, Power Generation Services at Siemens

Brand View allows our business partners to share content with Arabian Business readers.
The content is supplied by Arabian Business Brand View Partners.

For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.