Case Study
OT Cybersecurity Leads to Insurance Premium Savings
Oil and Gas Midstream | North America
Recognizing that their operations and interconnected control systems were vulnerable to cyber threats, this North American oil and gas midstream operator needed to improve the protection and performance of their ICS/OT networks. In this case study you’ll learn how they collaborated with Mission Secure to establish cybersecurity best practices and improve their preventative security measures, while realizing significant savings on their cybersecurity insurance premiums.
The Customer
The customer is one of the largest and fastest-growing vertically integrated and privately-owned midstream services providers in the U.S., with four plants, 1,300 miles of pipelines, 1.3 billion cubic feet per day of processing capacity, and 90,000 barrels of crude storage capacity. The company's facilities provide gathering, compression, processing, transportation and water management services for natural gas, natural gas liquids, and crude oil.
The company plays an essential role in the daily lives of millions of people, with its outputs providing heat and electricity for homes, factories and organizations of all types. The organization prioritizes reliability and responsibility in providing its services, and ensures that employees have the training, tools and equipment to do their jobs safely.
"Operational safety is the foundation upon which we provide services to our customers. We believe that prioritizing safety is good business, and, through the implementation of first-class systems, controls, policies and practices, we make every effort to create and maintain a culture that puts safety first."
–EVP of Operations
The Challenge
Over several years of rapid growth, the company’s IT and OT network infrastructure had evolved to support its expanding operations, and had incorporated several new technologies that increased the connectivity between physical systems and outside networks.
The company’s management team had become concerned that their operations and interconnected control systems were vulnerable to cyber threats. There was also growing concern around access control for third-party vendors who frequently access the organization's control systems network for support and maintenance.
The organization needed to develop an overall cybersecurity protection strategy for its critical and potentially production processes.
The OT Cybersecurity Solution
The organization launched its cybersecurity effort by working with Mission Secure to conduct an assessment of their existing infrastructure.
Mission Secure conducted reviews with key stakeholders to determine the IT and control system requirements and the operational engineering processes necessary to support refinery operations, and to identify vulnerabilities that could lead to cyber-related incidents within those processes.
On recommendations from the Mission Secure assessment, the customer implemented new OT cybersecurity control measures including Mission Secure segmentation, protection and signal-integrity monitoring to mitigate existing vulnerable systems. They then built a roadmap to address technological gaps and provide protection for the people and processes and governance and incident management needed to address security in the long term.
Next, the customer leveraged Mission Secure’s services team to install all Mission Secure platform components, including the Mission Secure console and cybersecurity appliances at each customer facility. With the Mission Secure platform in place, the customer introduced network visibility and monitoring, network segmentation and protection, and signal-integrity monitoring at each facility to:
- Protect the operational networks from inbound traffic coming from untrusted, connected third-party networks and equipment
- Prevent unauthorized access into the multiple wireless access points around the facilities
- Provide access control and tracking in the main control system communications ring
- Lock down communications to and from engineering workstations and HMI’s
Together, the Mission Secure team and the customer deployed a seamless transition with minimal impact on operations. This implementation helped forge a long-term security partnership that will help the customer:
- Address their business’s changing security needs
- Improve their security incident management
- Regularly review and update their environment as the threat landscape changes
How Did an OT Cybersecurity Strategy Lead To Insurance Premium Savings?
Established Cybersecurity Protection Strategy
A solid cybersecurity strategy can have a considerable impact on an organization’s ability to meet their goals and performance metrics and gain a competitive edge. Working with Mission Secure’s services team, the customer now has a concrete cybersecurity plan specific to their requirements that addresses the people, policies and technologies associated with their production processes. Their unique security roadmap delivers a cost-effective solution without impacting operations and establishes best practices including:
Segregation of Third-Party Networks – Segregating the ICS/OT network improves security and helps control visitor access. The customer has the ability to leverage access control and tracking, control of wireless access points, blocking of unauthorized inbound traffic, segmentation of RIO cabinets/VLANs, and blocking of cellular modems by using the Mission Secure platform.
Control System Asset Protection – Protection of control systems is critical to reducing exposure across all ICS/OT systems. The customer now has comprehensive protection of the PLC ring, individual PLC’s and engineering workstations / HMIs.
Improved OT Network Visibility, Performance And Control
The customer can now observe and map network connections and activity, gain control over their control system networks, users and third-party vendors, and improve network performance by eliminating unauthorized network communications.
Comprehensive Network Monitoring – Continuous OT network monitoring, network mapping and asset discovery, and logging and notification of unauthorized access attempts and network scans through configuration rules.
In one instance, the customer discovered the use of DHCP on the control system network from a third-party vendor’s equipment. The customer deployed a Mission Secure Console Appliance to prevent DHCP leaking into the wider OT network and set up proper rulesets to only allow necessary communications. In another example, the use of Roku and other digital media players was detected on operator stations. The customer created the rulesets required to block these non-essential communications and updated company policies and procedures to explicitly ban their use in control system networks.
As a company, we remain steadfastly focused on the use of technology to ensure operations remain safe and environmentally compliant, and that includes the cybersecurity of our operational control systems. Our work with Mission Secure is part of an on-going effort to maintain operational safety and resilience, including the reduction of cybersecurity risks.
EVP of Operations
The Bottom Line: Reduced Cybersecurity Insurance Premiums
Many cybersecurity insurance premiums are based on an insured organization’s level of cybersecurity protections in place. With the cybersecurity improvements deployed with Mission Secure to reduce their exposure to potential cyber threats, the customer successfully negotiated cybersecurity insurance premium savings of approximately $50,000 per location per year.By taking proactive measures to improve our cybersecurity and establish best practices across our ICS/OT network infrastructure, we were able to take advantage of financial incentives and reduce our cybersecurity insurance premiums.”
Ready to learn more about the Mission Secure platform?
Let's talk! Our OT cybersecurity experts are standing by to help you identify your needs and find the right solution for your organization.