Please use another Browser
It looks like you are using a browser that is not fully supported. Please note that there might be constraints on site display and usability. For the best experience we suggest that you download the newest version of a supported browser:Continue with the current browser
Disrupting threats in the digital age, to keep critical infrastructure up and running
Digitalization and Security in the Energy Sector
We all know that our world is becoming ever more connected. Billions of intelligent devices and machines are generating massive amounts of data that creates enormous potential for businesses and other organizations to optimize their operations and obtain important efficiencies. Digitalization creates not only these important opportunities, but also significant challenges. In particular, greater connectivity presents the potential for risk if not recognized and managed.
It is with growing concern that hackers are increasingly targeting operational technology (OT), essential for availability, production and safety of critical infrastructure. Attacks against OT have ballooned from 5% to 30% in the last few years. Energy companies make up a majority of these attacks – a spike driven by aging assets, outdated security practices and increased connectivity.
The attached provides a high-level overview of both the benefits and challenges from digitalization in the energy sector. This study covers topics such as:
Are we ready for the next cyber attack?
A survey last year of managers in the U.S. oil and gas industry reveals that the deployment of cybersecurity measures isn’t keeping pace with the growth of digitalization in their sector’s operations. The Ponemon Institute, in its The State of Cybersecurity in the Oil & Gas Industry: United States, found that just 35 percent of respondents rated their organization’s operational technology (OT) cyber readiness as high.
Additional key findings in this first-of-a-kind study related to cyber readiness, risks and challenges include:
Defense in Depth
The convergence of software, data and connected devices, commonly referred to as the Internet of Things, brings unprecedented opportunities to industrial companies like real time operations optimization and prescriptive analytics. This sweeping technological transformation also introduces a wide array of security threats that require a layered defense approach to detect, respond and remediate at all levels of operations.
To ensure comprehensive protection of production environments, all levels must be protected simultaneously, from field automation to corporate management systems. Siemens helps industrial companies build layered defenses with a comprehensive security solution that addresses the three pillars of industrial control systems: system and software integrity, network security and plant security. Our methodology:
Security requirements for industrial control systems differ significantly from the requirements of corporate IT. Designing and implementing a secure industrial network requires core competencies in both cyber security and industrial automation. Siemens pairs depth of expertise in these disciplines with an understanding of specific customer business objectives, operating requirements, and security posture.
Armed with best practices in architecture, design and management developed across thousands of global client deployments, Siemens helps customers keep their network from becoming their weakest link.
We customize a security roadmap for each client
The combined security intelligence and modular design of Siemens switching and routing equipment enable clients to address complex interconnected network topologies, and prevent disruption of mission critical applications.
Our integrated software enables secure access management and authentication of distributed devices, as well as continuous network monitoring and threat detection to prevent network intrusions in real-time.
As the potential for cyber attacks grows, an early warning system designed to protect industrial control systems has emerged as a complement to defense in depth strategies.
Learn more about this breakthrough capability and technology partnership.
Incident Readiness and Resilience
Gain transparency on the security status of your industrial operations and proactively defend against potential cyber attacks with the help of our cyber security experts.
The Siemens Cyber Security Operation Centers (CSOCs) proactively monitor global threat activity on a continuous basis, and provide a broad range of services including:
The CSOCs translate security intelligence into the real-time actions, enabling clients to stay focused on running their operations.
Operational Threat Consulting
Siemens operational threat consultants help clients document, test and improve their security posture using tailored cyber security strategies. Our best practice approach helps protect corporate operations against a backdrop of dynamic threats, compliance requirements and outdated security standards.