DIGITAL OILFIELD AND THE CYBER RISKS IN THE EVERYDAY WORK. MANAGING OILFIELD DATA IN A MORE UNSECURE WORLD

Authors

  • Robert Kosova Author
  • Irakli Prifti Author
  • Teuta Thanasi Author
  • Elda Cina Author

Keywords:

oilfield, data, security, cyber risk, hacking, management

Abstract

Industrial organizations operating in the oil and gas sector face greatest
challenges today including the pressing need to find and exploit new energy
supplies, greater regulatory pressures, new work requirements and the demands of
a growing data management.
At the same time, oil companies face a serious and growing risk from cyberattacks,
malicious software, and other threats against their IT infrastructure,
scientific and production data and intellectual property.
Extracting value from the computers or networks of unsuspecting oil
companies and government agencies has become a big business and a very
profitable one. No oil company or agency can ignore network security today; it is
the source of systematic risk that threatens long-term health, stability and
profitability of any oil company. Cyber security is and must be part of any corporate
strategy for managing risk and compliance. Cyber security risk management is
becoming a high-level responsibility for any board of executives and one of the
most difficult tasks to deal with.
From the history of hacking and cyber attacking there are plenty of
conclusions and results such as:
It is not difficult at all to hack data from a oil company. More than 90% of successful breaches required only the most basic
techniques to do.
Only 3% of breaches were impossible or unavoidable without difficult or expensive
actions.
Outsiders were responsible for most network breaches.
85% of breaches took a lot of time to be discovered; the average time for
discovering one is five to six months.
96% of successful breaches could have been avoided or prevented if the
victim (oil company) had put in place simple or intermediate controls.
75% of network attacks use publicly known vulnerabilities in commercial
software that could be prevented by regular patching.
One study found that most of antivirus software missed as much of 95% of
malware in the first few days after its introduction.
Another study on internet and network security found that 25% of malware
is not detected by current antimalware or software techniques.
In this paper we will look at how oil and gas organizations can measurably
improve their security posture – not only by deploying sophisticated technologies
or strategies, but mostly and instead by simply following the basics of commonsense
and effective cyber security.

Cover image Volume 1, No. 4, 2014

Downloads

Published

2014-10-01

Issue

Vol. 1 No. 4 (2014): SIPARUNTON - International Journal of Interdisciplinary Research

Section

Articles