Oil and Gas
Digital Convergence – OT and IT
Operation Technology (OT) comprises devices, machines, Programmable Logic Controllers (PLC), Distributed Control Systems (DCS), Industrial Control Systems (ICS, etc. Security is critically important to OT however the focus is Safety and Reliability – insure nobody gets hurt/killed and keep the system running so it produces more product.
OT has historically been air-gapped, isolated and extremely limited connectivity. As OT systems have grown more complex they have introduced substantial IT technology, however most has been imbedded and remained standalone systems.
The value cases that are driving the company require much greater connectivity with the OT environment and much more sensor and device level data. This will expose the OT assets in ways they have never had to contemplate
Use/misuse case modelling to understand Future State requirements, threats and risks
Consolidated view of risks and controls spanning the entire enterprise IT, OT, ICS, Connected Devices, Autonomous Vehicles, Augmented Reality, etc.
Developed a control catalogue based on NIST, ISO, IEC, CSF, etc. and included controls for all compliance requirements including HIPAA, SOX, CCPA and GDPR .
Performed a current state assessment of control to assess their maturity level and risks.
Develop a Future Target State Architecture and Strategic Recommendations
Developed 3-year roadmap to address findings and improve maturity of controls.
Business justified Plan of Action and Milestone.
Go forward strategy that’s aligns security strategy with business objectives
Clearly prioritized initiatives to address high risk items.
Roadmap to help budgeting and provide justification for investment.
Business justified Plan of Action and Milestones (PoAM).