Oil and gas companies are some of the largest in the world, consisting of multiple business units that span crude’s lifecycle—from getting it out of the ground to transporting it, refining it, and selling it to both businesses and consumers.
These immense entities operate with thousands of employees and vendors worldwide connected by both information and operational technology. This span creates an astoundingly complex and extensive attack surface for cyber intruders to exploit.
While industry executives are maturing in their understanding of cybersecurity, many organizations are still unprepared to respond. Perimeter defense remains the priority for a majority of oil and gas companies, given the falling gas prices and decreasing enterprise cybersecurity budgets. At the same time, the technological sophistication of today’s cyber attackers typically exceeds the perimeter defenses deployed by the current security operations centers of most energy companies.
Energy leaders must expand their aperture on cybersecurity to acknowledge the growing inevitability of a cyber attack and protect their companies from ransom, disruption to critical operations, or massive theft of financial or intellectual assets.