The oil and gas industry has long been in the crosshairs of ICS\ SCADA cyber security threats. These advanced automation networks, collectively known as operational technology, or OT networks, are used throughout the entire upstream and downstream operations lifecycle. The extensive use of these automation systems significantly increases productivity, but at the same time it provides an additional attack surface that threat actors can leverage to inflict material harm.
This document focuses on the offshore exploration drilling sub-segment within the upstream oil and gas operations which is executed by rig contractors for exploration and production (E&P) companies. The rapidly changing liability landscape in offshore drilling, combined with increased recognition of cyber risk, is driving E&P companies to compel rig contractors to implement sound cyber security programs on their vessels as a prerequisite to a drilling contract. This in turn has created an equally strong business imperative for rig contractors to develop cyber security policies and procedures and to seek solutions that align with the unique needs of their OT systems.
Claroty was conceived to secure and optimize operational networks running critical processes like the multiple integrated OT systems that offshore drilling vessels rely upon. Therefore, Claroty was the ideal partner for a rig contractor that sought not only to comply with E&P contractual requirements, but to take a leading role in transforming the cyber security posture of its vessels.
In this case study, we provide a detailed analysis of the unique offshore drilling OT attack surfaces and operational challenges, and walk through one of Claroty’s offshore installations. This concrete example will serve to illustrate the broader cyber security and operational challenges that characterize the oil and gas industry.
Download the case study in full for further information.