oil pipelines

Case Study

OT Cybersecurity Leads to Insurance Premium Savings

Oil and Gas Midstream | North America

Recognizing that their operations and interconnected control systems were vulnerable to cyber threats, this North American oil and gas midstream operator needed to improve the protection and performance of their ICS/OT networks. In this case study, you’ll learn how they collaborated with Mission Secure to establish cybersecurity best practices and improve their preventative security measures to realize significant cost savings on cybersecurity insurance premiums.

Established Cybersecurity
Protection Strategy
+
Improved OT Cybersecurity
and Performance
=
$50K in Cyber Insurance Savings per Site per Year

oil refinery facility

The Customer

The customer is one of the largest and fastest-growing vertically integrated and privately-owned midstream services providers in the U.S. with 4 plants, 1,300 miles of pipelines, 1.3 Bcf/d of processing capacity, and 90,000 barrels of crude storage capacity. They provide the gathering, compression, processing, transportation and water management services required to bring natural gas, natural gas liquids, and crude oil to market. With outputs providing heat and cooling for homes and businesses and generating electricity to power homes, factories and organizations of all types, they focus on doing so reliably and responsibly, and ensuring employees have the training, tools and equipment to do their jobs safely.

Operational safety is the foundation upon which we provide services to our customers. We believe that prioritizing safety is good business, and, through the implementation of first-class systems, controls, policies and practices, we make every effort to create and maintain a culture that puts safety first."
–EVP of Operations

The Challenge

Since their IT and OT network infrastructure had grown rapidly over time, the customer was concerned that their operations and interconnected control systems were vulnerable from a cyber threat perspective. To support the company’s fast-growing multiple refining operations, their control system infrastructure had evolved quickly, and they felt their operations cybersecurity, including passwords, basic firewalls and endpoint protection, was less than optimal. There was also concern around access control for third-party vendors who frequently access their control systems network for support and maintenance. They wanted to develop an overall cybersecurity protection strategy for their critical and very volatile production processes.

The OT Cybersecurity Solution

The customer launched their improvement efforts by working with Mission Secure to conduct an assessment of its existing infrastructure. They conducted reviews with key stakeholders to: determine the IT and control system requirements and the operational engineering processes necessary to support refinery operations and to identify vulnerabilities that could lead to cyber-related incidents within those processes.

On recommendations from the Mission Secure assessment, the customer implemented new OT cybersecurity control measures including Mission Secure segmentation, protection and signal-integrity monitoring to mitigate existing vulnerable systems. They then built a roadmap to address technological gaps and provide protection for the people and processes and governance and incident management needed to address security in the long term.

The customer worked with Mission Secure for their subject matter expertise to design a working solution for their overall ICS / OT network architectures. Next, they leveraged Mission Secure’s services team to install all Mission Secure Platform components, including the Security Management Console and Security Appliances at each customer facility. With the Mission Secure Platform and 24/7 Managed Services in place, the customer introduced network visibility and monitoring, network segmentation and protection, and signal-integrity monitoring at each facility to:

  • Protect the operational networks from inbound traffic coming from untrusted, connected third-party networks and equipment
  • Prevent unauthorized access into the multiple wireless access points around the facilities
  • Provide access control and tracking in the main control system communications ring
  • Lock down communications to and from engineering workstations and HMI’s

Together, the Mission Secure team and the customer deployed a seamless transition with minimal impact on operations. This implementation helped forge a long-term security partnership that will help the customer:

  • Address their business’s changing security needs
  • Improve their security incident management
  • Regularly review and update their environment as the threat landscape changes

How Improved OT Cybersecurity Performance and Strategy Led To Significant Insurance Premium Savings

cybersecurity protection shield

Established Cybersecurity Protection Strategy

systems visibility monitoring

Improved OT Network Visibility, Performance and Control

cybersecurity insurance person

Reduced Cybersecurity Insurance Premiums

Established Cybersecurity Protection Strategy

A solid cybersecurity strategy can have a considerable impact on an organization’s ability to meet their goals and performance metrics and gain a competitive edge. Working with Mission Secure’s services team, the customer now has a concrete cybersecurity plan specific to their requirements that addresses the people, policies and technologies associated with their production processes. Their unique security roadmap delivers a cost-effective solution without impacting operations and establishes best practices including:

  • Segregation of Third-Party Networks – Segregating the ICS/OT network improves security and helps control visitor access. The customer has the ability to leverage access control and tracking, control of wireless access points, blocking of unauthorized inbound traffic, segmentation of RIO cabinets/VLANs, and blocking of cellular modems by using the Mission Control platform.
  • Control System Asset Protection – Protection of control systems is critical to reducing exposure across all ICS/OT systems. The customer now has comprehensive protection of the PLC ring, individual PLC’s and engineering workstations / HMIs.
oil refinery employee

Improved OT Network Visibility, Performance and Control

The customer can now observe and map network connections and activity, gain control over their control system networks, users and third-party vendors, and improve network performance by eliminating unauthorized network communications.

  • Comprehensive Network Monitoring – Continuous OT network monitoring, network mapping and asset discovery, and logging and notification of unauthorized access attempts and network scans through configuration rules. In one instance, the customer discovered the use of DHCP on the control system network from a third-party vendor’s equipment. The customer deployed a Mission Secure Security Appliance to prevent DHCP leaking into the wider OT network and set up proper rulesets to only allow necessary communications. In another example, the use of Roku and other digital media players was detected on operator stations. The customer created the rulesets required to block these non-essential communications and updated company policies and procedures to explicitly ban their use in control system networks.
  • 24/7 Managed Services – The customer also utilizes Mission Secure for 24/7 Managed Services to manage visibility, protection, threat hunting, and incident response support for their facility’s operations control system networks to improve cybersecurity resilience.
As a company, we remain steadfastly focused on the use of technology to ensure operations remain safe and environmentally compliant, and that includes the cybersecurity of our operational control systems. Our work with Mission Secure is part of an on-going effort to maintain operational safety and resilience, including the reduction of cybersecurity risks."
–EVP of Operations
By taking proactive measures to improve our cybersecurity and establish best practices across our ICS/OT network infrastructure, we were able to take advantage of financial incentives and reduce our cybersecurity insurance premiums.”
–EVP of Operations
Reduced Cybersecurity Insurance Premiums

Many cybersecurity insurance premiums are based on an insured organization’s level of cybersecurity protections in place. With the cybersecurity improvements and 24/7 managed services deployed with Mission Secure to reduce their exposure to potential cyber threats, the customer successfully negotiated cybersecurity insurance premium savings of approximately $50,000 per location per year.

Mission Secure Products and Services Used by this Oil and Gas Operator

MISSION SECURE OT CYBERSECURITY PLATFORM:

This platform was purpose-designed for each processing facilities’ needs and its unique network architecture and was quickly installed with no disruption to operations.

Mission Secure 24/7 Managed Services:

The customer leverages Mission Secure for 24/7 Managed Services to manage visibility, protection, threat hunting, and incident response support for their facility’s operations control system environments.

Mission Secure Full Onsite OT Network Assessment:

This assessment included network monitoring, packet capture and analysis; network penetration testing; documentation of findings and recommendations; executive presentations; and go forward design guidelines.

Lock down your operations with a purpose-built OT cybersecurity solution.

Stop cyber threats head-on and safeguard your operations
with 24/7 military strength and industrial-grade protection.

Get a Demo