SMi 2014 Cyber Security Norway, Stavanger (July 2014)

Naeringslivets Sikkerhetsraad, NISlab, GDF Suez, Total, Security Matters, Oxford University...

Arne Røed Simonsen set the scene with results from a 2012 cybercrime survey conducted by the Næringslivets Sikkerhetsråd business and security council. This found a big gap between cyber threats and preventive measures actually in place. Companies are increasingly dependent on critical IT systems and often deploy new technology without risk assessment. There is also a decrease in management awareness of such issues.

Siv Hilde Houmb of Gjøvik University College’s NISlab introduced plans for a Norwegian center for cyber and information security along the lines of the US NIST cyber security framework. The unit would issue oil and Cert advisories to operators on the Norwegian continental shelf.

Jacques Sibue described the evolution of GDF Suez’ IT with the creation of a security operations center and computer security incident response team. This has leveraged a generic risk management methodology developed under its Asphales program. A tool has been developed to inventorize Scada, IT and data assets and link these to cyber risks and potential consequences.

Total E&P UK’s Ewen MacDonald thinks that the technological solutions to cyber risk can be improved with a few simple practical steps. Inventorizing assets is again key, preferably using intelligent drawing tools like Visio and iPDF. Train personnel on the safe use of their PCs, especially at home! Enemy number 1 is the USB key that users bring to work. Mobile devices likewise present risks as does third party access. One contractor got infected by the Zemra virus that came from a control systems server! MacDonald advocates reducing the number of Microsoft devices on the industrial network. If you have to deploy such, put them in a demilitarized zone.

Damiano Bolzoni presented Security Matters’ ‘SilentDefenseICS’ (SDI) solution that builds on the ESCSWG’s cybersecurity procurement language for energy delivery systems. SDI was built from the ground up with ICS/SCADA in mind and includes self-learning, automatic whitelisting, deep inspection and more. Bolzoni also gave a heads-up regarding the EU Densek project, an open-source information sharing and situational awareness platform.

Phil Legg of Oxford University’s Cyber security center introduced the CITD Project. This combines psychology, criminology and a range of IT/analytics to monitor users for anomalous behavior and potential misuse. The system builds an employee profile, learning from usage data in real time. ‘Understanding the human aspect is key to detecting and preventing attacks.’

Gal Luft of the Institute for the Analysis of Global Security warned that energy cyber security is far behind IT security. Large assets such as an FPSO’s dynamic positioning are ‘still connected to external networks.’ More from SMi.

Web use only - not for intranet/corporate use. Copyright © 2014 The Data Room - all rights reserved.