Speeding Up OT Network Security Posture of Large Energy Company

Energy companies have to maintain a constant level of operating efficiency, to provide energy to millions of customers at any given time. When attackers get access to OT networks, it not only results in an interruption of operating associated with unexpected costs, but it can also have an impact on the safety of employees. By conducting a security assessment the security gaps, holes and misconfigurations of a company can be identified and breaches can be prevented.

OTORIO Helps Large Energy Company Rapidly Ramp-Up OT Network Security Posture

Headquartered in South America and serving millions of customers in nine Latin American countries, an energy producer and distributer contacted OTORIO in order to assist them im ramping up their OT network security posture.

The Challenge

Given the volatile cybercrime and cyberterrorism climate and the energy industry's known vulnerability to cyberattacks, the company's senior management wanted to assess and improve their OT security posture. Their existing OT security was limited to vendor-based systems that were remotely monitored, and disconnected from the company's IT security.

Moreover, the energy company's regulatory obligation to report daily on energy creation and distribution necessitated the de facto convergence of their IT and OT networks - with data flowing constantly from OT-connected devices and equipment, through the IT network and to the Internet. This made an immediate OT network vulnerability scan, risk assessment, and security awareness training plan mission-critical.

The Solution

The energy giant chose OTORIO to conduct a full and comprehensive OT risk assessment of the company's five core locations in Peru, Bolivia, Nicaragua and Guatemala. These sites include hydroelectric, gas, coal and wind power generation facilities.

Working fully remotely under COVID-19 pandemic restrictions, OTORIO first conducted in-depth workshops with the IT and OT teams at each site, to better understand the network architecture and topography. Once the OTORIO team had a clear picture of the networks in question, they leveraged OTORIO's RAM² technology to take a deep-dive into each network's security posture, looking for gaps, holes and misconfigurations that could facilitate a breach.

Some of the specific areas where OTORIO helped the energy company to improve existing OT cybersecurity policies and procedures include:

• Improve security controls and enforce cybersecurity policies on SCADA PCs connected to the internet
• Ensuring secure remote access in the supply chain
• Separate the IT and OT networks. Especially when it comes to company infrastructure, identity and data management, IT and OT network segmentation can have a major positive impact on OT cybersecurity.
• Finally, the OTORIO training team created and implemented a security awareness and ICS cyber security training plan for all relevant staff.

The Benefits

OTORIO delivered a comprehensive security assessment report, providing senior management with a full picture of the company's OT security posture. Since the OTORIO team took the time to truly understand the OT-connected business processes of each company location, all vulnerabilities discovered were contextualized according to their potential real-world business impact - facilitating more efficient remediation prioritization.

Following the OTORIO assessment, the company was able to quickly remediate and tighten site-specific OT network vulnerabilities. Moreover, the company created and implemented granular OT network security policies regarding various attack scenarios, as well as minimum threshold security requirements for all site hardware and software. In addition, the company was able to segment their OT network more effectively, creating secure zones that helped restrict access for unauthorized users to sensitive equipment - including the equipment vendors themselves.

With OTORIO, the energy company today faces existing and emerging cyberthreats with a new confidence and advanced toolbox - ensuring energy production uptime and safeguarding business continuity.

"We chose OTORIO because they understand the unique OT security needs of the energy sector. OTORIO's Threat Intelligence and Risk Assessment helped my team to improve our security posture. Likewise, our operations team benefited from learning OT cybersecurity best practices from the best in the business." ~ Global Energy Company CISO