A Middle Eastern petroleum refinery wanted to ensure that comprehensive cyber security policies and procedures were applied to its process control systems.
Customer need
The petroleum refinery’s comprehensive security includes military guards along the facility’s perimeters and advanced cyber security measures. Even with these extensive security precautions, the company wanted to ensure that the same level of comprehensive cyber security policies and procedures were applied to its process control systems.
Need
- Review existing cyber security measures
- Identify security gaps
Reduce cyber security vulnerability
To ensure the facility’s advanced security measures took their control systems into account, the refinery chose the ABB Cyber Security Fingerprint to identify strengths and weaknesses for defending against a cyber attack within the plant’s automation systems.
The non-invasive service started by gathering data from all computers associated with the systems and from key personnel, and then compared the data to best practices with ABB’s proprietary, software-based analysis tool. A resulting report provided detailed recommendations to reduce cyber security vulnerability while helping to develop a focused and sustainable security strategy for the control systems.
Results
Even though extensive security measures were already in place, the ABB Cyber Security Fingerprint found opportunities to improve control system security. For instance, outdated and unnecessary software was running and needed to be updated or removed. Security patches for several software versions were missing and also needed to be updated.
In a region where cyber attacks have made world headlines, the highly secure facility initially had reservations about the findings. However, the depth of the report convinced the company to both act on the findings and schedule periodic ABB Cyber Security Fingerprints to confirm the company’s cyber security policies and procedures are always up-to-date.