Symantec asks companies to pay more attention to safety
Increasing automation exposes critical information to hackers and worms, says anti-virus leader
Increased automation in the hydrocarbon industry may reduce human error, but introduces risks that may even shut down a plant.
Workforce shortage and the need for faster and more comprehensive data are pushing the hydrocarbon industry towards increased automation. As much as it is helping the industry by giving it a greater technical advantage, Symantec’s director of power and energy solutions, Gary Sevounts, believes that it introduces an element of risk, as the hydrocarbon industry has not yet taken sufficient
“Whether the result of intentional attacks, accidents, or oversights, today’s SCADA [Supervisory Control And Data Acquisition] systems are more vulnerable to infiltration than past proprietary systems,” said Sevounts, who was in Dubai recently. “Therefore, oil and gas companies need to be increasingly vigilant to protect against malicious or unintentional events that could result in downtime or a more serious incident.”
In the offshore oil industry, platforms are almost reaching 80–90% automation. Most valve suppliers today also have an automated option, whereby the SCADA and distribution control systems (DCS) systems are connected to the corporate network to enable easier access of information by the senior management.
This integration of data is absolutely essential to today’s hydrocarbon industry, believes Sevounts, but requires safety systems, so that there is no interruption to the processes.
However, Sevounts is quick to point out that securing every DCS unit is easier said than done.
He said an effective cyber security process begins with the assessment of the vulnerabilities of SCADA and DCS networks and systems on a recurring basis.
Such an assessment is complicated by the multiple SCADA and DCS systems in place at most plants. Another complexity involves the interconnection of corporate networks and control networks; each type of network exposes a unique set of vulnerabilities, all of which must be assessed.
So, Symantec is marketing its oil and gas solution as a way of minimising risk.
Symantec’s Oil and Gas Solution reportedly helps oil and gas companies achieve regulatory and industry standards compliance, ensures plant safety associated with cyber security and avoids penalties associated with supply disruptions and safety issues. The director said that apart from promoting its solution, he is keen to meet companies to discuss various problems they already face to give a tailor-made solution.
He said he understands the hydrocarbon industry, despite being flush with cash, is conservative in its approach to technology.
“The first step towards achieving a safe environment is understanding the problems,” said Sevounts, emphasising on the need for companies to engage in seminars or discussions to understand the extent of the problem.