OIL AND GAS
The oil and gas industry or also called the hydrocarbons sector chain corresponds to the set of economic activities related to exploration, production, transport, refining or processing and marketing of non-renewable natural resources known as hydrocarbons (organic material composed mainly of hydrogen and carbon), this set is also made up of the regulation and administration of these activities.
The value chain typically consists of three major areas; (a) exploration and production – upstream, (b) Transport – midstream, and (c) Refining and Marketing – downstream.
The hydrocarbon industry is generally highly regulated, often with price controls and is often the government of ownership and operation. Typically, many of the facilities involved in each of the industry’s processes can come to be considered critical infrastructure and therefore of national interest. This classification should be determined as a result of the criticality assessment using appropriate assessment methods, techniques and models. Suppliers of industrial automation, security, and service systems in conjunction with hydrocarbon operators must ensure compliance with security and cybersecurity standards, such as ISA/IEC-62443, NIST 800-53/82, IEC-61511, API, NPFA, and others. Keeping up with rules and regulations is a challenge.
SECURITY AND COMPLIANCE
Strategies and solutions based on information security technologies and perimeters are not enough to protect against all modern threats against electrical infrastructures. Industrial cybersecurity requires the protection of physical assets, i.e. the domain of physical security. Many programmable logic controllers (PLCs) and controllers for feed water pumps, feed water, valves, furnaces, boilers, turbines, generators, and capacitors are vulnerable due to the lack of built-in cryptographic controls, including: multi-factor authentication, secure boot, secure update, and encrypted secure communications.
In operational technology (OT) environments, risk is measured in terms of industrial safety and system availability. While data privacy is important, often human physical security, industrial process safety, environmental stewardship, and uptime drive the security needs of plants and large SCADA systems.
Our Solution for Security and Risk Management
In the exploration, production, transportation, refining and marketing sectors. Industrial Cybersecurity for Critical Infrastructures
ZCM is a system specially designed for industrial cyber risk management that allows organizations in the hydrocarbons sector to assess cyber risk in their industrial infrastructures and make the best mitigation decisions that really work.
Once the industrial cyber risk has been realized, the ZCM system gives you the necessary tools to create resilient and robust industrial infrastructures to all types of threats, and at the same time comply with international standards (ISA/IEC-62443) and other popular regulations, such as those defined by organizations such as NIST and C2M2.
Design and implement appropriate countermeasures that will actually mitigate intolerable risk.
Operate and maintain industrial infrastructures resilient to all types of threats.