Oil and Gas Cybersecurity

Protecting Critical Infrastructure and Assets Against Cyber Threats with End-to-end Integration


Oil and gas companies own and manage major pieces of critical infrastructure that are vital not only to company operations but also to the nation’s economic and military well-being. Upstream, midstream, and downstream operations are valuable targets for cyber threats from adversaries with a variety of motives—from personal profit to industrial espionage to economic disruption. Due to the critical nature of these facilities, oil and gas companies also face stringent cybersecurity regulations.

Clearly, the cyber risks facing the oil and gas industry are significant. An attack on the supervisory control and data acquisition (SCADA) system that operates an offshore rig, oil well, pipeline, or refinery—or Internet-of-Things (IoT) devices that provide monitoring data to such systems—can have devastating consequences. These could include expensive damage to facilities, lengthy supply disruptions, and even injury and loss of life for employees, bystanders, and nearby residents. And attacks on corporate infrastructure could compromise intellectual property such as exploration data surveys, as well as pose data security risks for business and personnel information.

For more than a decade, Fortinet has provided comprehensive security solutions for the oil and gas industry and its infrastructure—from land-based and offshore drilling sites, to refineries and pipelines, to the corner gas station. The Fortinet Security Fabric enables end-to-end security integration across the entire infrastructure.

Fortinet Oil and Gas Cybersecurity Solutions

A Security Approach for Protecting Converged IT and OT

Understanding the Complexities of Digital OT Security


Key Oil and Gas Cybersecurity Challenges

Cost Optimization

Cost efficiency is a top priority in the oil and gas industry, as the market is subject to wild fluctuations in price. This volatility means that a company can easily go from significant profitability to an operating loss in a matter of days.

In this environment, replacing expensive, older equipment due to security vulnerabilities is sometimes out of the question, necessitating security workarounds that must be designed in such a way as to not impede operations. Many companies have multiple pieces of infrastructure with these kinds of vulnerabilities, stretching finite cybersecurity resources.

The cybersecurity skills shortage means that hiring additional team members to address these issues is costly, and it may be impossible to find some specific skills in the labor market at any price. Regardless, adding more staff does not address the core problem that manual security processes are inadequate to deal with threats that move at machine speed. 

Visibility Across IT and OT Systems

The proliferation of Industrial Internet-of-Things (IIoT) devices that feed different kinds of data into supervisory control and data acquisition (SCADA) systems eliminates, in many cases, the air gap that has historically kept them relatively safe from cyberattacks. This expands a company’s attack surface, and the problem is exacerbated by the fact that many IoT devices are headless and thus cannot be updated with security patches. Trends such as the near-universal adoption of multi-cloud networks and growing use of mobile devices compound the problem.

To plug these security holes, organizations often deploy a multitude of point security products that are not integrated. The resulting security silos create complexity and obfuscate visibility, delaying threat detection, prevention, and response. This increases the risk that a fast-moving threat will get through before it is detected through manual processes.

Operational Efficiency

This architectural fragmentation also increases operational inefficiencies for the cybersecurity team. Without end-to-end integration of all security elements, automation of security processes is impossible, and many security workflows must be managed manually. Highly paid security engineers end up devoting significant time to correlating logs from different security tools and manually preparing reports.

Architectural silos also create redundancies in management of applications and even in software and hardware licensing, decreasing the efficiency of the teams in legal, procurement, and finance that manage those licenses. Organizations may also find that their technology spend is higher because of the use of multiple vendors and overlapping features in different products that a company might own.

Customer Experience

Fuel retailers engage with their customer base through a variety of electronic means, including point-of-sale (POS) infrastructure, mobile apps, and loyalty cards. Protecting those interactions against cyber threats is paramount for both compliance and maintenance of brand value. And that brand value primarily reflects on upstream, midstream, and downstream providers, given that these retailers typically carry the logos of major producers.

Compliance Reporting

Energy companies are subject to a wide array of regulations and standards, from environmental requirements for drilling and refining to cybersecurity regulations. They must be able to demonstrate compliance with multiple regulations and standards without redeploying staff from strategic initiatives to preparing audit reports. Unfortunately, a disaggregated security architecture makes this impossible. Failure to demonstrate compliance can damage brand reputation and result in substantial fines and penalties.

Corporate infrastructures contain a variety of business-critical data, and Fortinet provides an integrated security architecture from the data center to multiple clouds to the edge.

While many OT systems are now connected, a significant minority remain air gapped. However, this does not eliminate cybersecurity risk, as software updates can be compromised.

Fortinet solutions help organizations involved in energy extraction to protect a complex infrastructure in remote locations, both on land and offshore.

Wholesale transport expands the physical attack surface by hundreds of miles, and the Fortinet Security Fabric covers it with end-to-end integration.

Refineries are targets for both physical and cyber attackers. The Fortinet Security Fabric protects cyber and physical security in a holistic way.


Fortinet Differentiators for Oil and Gas Cybersecurity

Integrated Architecture

The Fortinet Security Fabric provides a single-vendor, end-to-end, integrated security architecture across IT and operational technology (OT), for every phase of the production process, from protection to detection to response—for greater visibility and control.

Networking, Cybersecurity, and Physical Security

Fortinet delivers the ability to consolidate networking, cybersecurity, and surveillance functions into a single pane of glass—whether at headquarters, a remote drilling site, or the corner gas station.

Ruggedized Security Appliances

Fortinet offers a broad selection of ruggedized appliances to fit all environmental needs, to provide cybersecurity protection for all phases of the production and delivery process.

High Performance

Fortinet next-generation firewalls (NGFWs) have capabilities for working in complex, remote environments and deliver top performance even with secure sockets layer (SSL)/transport layer security (TLS) inspection activated. Fortinet is recognized as a Leader in the Gartner Magic Quadrant for Network Firewalls and achieved the best score in the NGFW Security Value Map from NSS Labs.

Robust Threat Intelligence

In addition to identifying IT-specific threats, FortiGuard Labs provides robust intelligence on threats specific to OT systems as a result of 15 years of work in the field. To detect zero-day threats, Fortinet has been analyzing files using artificial intelligence (AI) and machine learning (ML) for eight years, with unparalleled accuracy.

Extensive Partner Network

The Fortinet Fabric-Ready Partner program includes the industry’s largest network of partners with specific experience in OT and industrial systems.

Broad Security with Minimal Devices

Fortinet delivers a wide variety of security and networking functions in a single box, whereas competitive solutions often require multiple devices—and multiple license expenditures—for the same capabilities.

Securing Upstream Infrastructure

Organizations involved in energy extraction must protect a complex infrastructure in remote locations, both on land and offshore. These sites are valuable targets for hackers whose objective is operational disruption, environmental terrorism, or even injury and loss of life for employees and members of the surrounding community.  

To protect these sites, every aspect of security, from industrial control systems to physical security, must be integrated for centralized visibility and control. Electronics and surveillance infrastructure at a small drilling site should be as heavily protected as the corporate data center—and equally visible to the security operations team.

The Fortinet Security Fabric offers comprehensive, integrated cyber and physical security for the oil and gas industry. FortiGate Rugged Series next-generation firewalls (NGFWs) and FortiAP Outdoor Series wireless access points provide robust security protection while withstanding the rugged extremes of drilling and exploration sites on land and water. FortiCamera and FortiRecorder protect against physical intrusion, while Fortinet Secure SD-WAN and Fortinet SD-Branch provide secure networking to the remote site. Threat detection, management and analytics, and access control tools, usually delivered from the corporate infrastructure at headquarters, provide layers of security for these vulnerable remote sites.

FortiAP delivers secure, wireless access to distributed enterprises and branch offices and can be easily managed as a physical appliance or via the cloud. FortiSwitch offers a broad portfolio of secure, simple, and scalable Ethernet access layer switches to deliver superior security, performance, and manageability. FortiCamera offers a suite of secure, network-based video cameras to incorporate physical cybersecurity with network cybersecurity and bolster protection against cyber-physical attacks. FortiRecorder records footage from cybersecurity cameras with scheduled or manual recording and continuous or motion-activated activation. Rugged FortiGate next-generation firewalls (NGFWs) are built for harsh industrial environments, offering oil and gas companies an industrially hardened, all-in-one NGFW that delivers top-rated protection and high-performance inspection of cleartext and encrypted traffic. FortiSIEM simplifies security information and event management by delivering visibility, automated response, and fast remediation in a single solution. FortiDeceptor complements an organization’s existing breach protection strategy by deceiving, exposing, and eliminating attacks originating from internal and external sources before real damage occurs. FortiAnalyzer provides analytics-powered cybersecurity and log management to provide better detection against breaches. FortiNAC provides visibility across the entire network and the ability to control access for all devices and users, including dynamic, automated responses. FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches. The FortiAuthenticator identity and access management solution and FortiToken tokens grant access to users on a need-to-know basis.
FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. FortiPresence provides insight into the physical movement of people within OT sites both in real time and across time periods by leveraging the existing onsite Fortinet access points to detect each person’s smartphone Wi-Fi signal. FortiInsight user and entity behavior analytics (UEBA) technology detects behavioral anomalies and noncompliant activity that may represent possible insider threats.

Securing Midstream Infrastructure

The wholesale transport of petroleum expands an organization’s physical attack surface by hundreds or thousands of miles, and the connections between the different elements of this infrastructure involve both upstream and downstream processes. Pipelines are subject to both accidental leaks and physical sabotage, and the supervisory control and data acquisition (SCADA) systems and Internet-of-Things (IoT) devices that monitor and control them are often vulnerable. A successful attack can be catastrophic, with the potential for massive environmental damage and loss of life.

Midstream operators would do well to utilize the Purdue Enterprise Reference Architecture as a standard in designing their electronic infrastructure. The Purdue model calls for cyber and physical security to be protected holistically as a part of an end-to-end, integrated security architecture.

The Fortinet Security Fabric makes this possible with integrated cybersecurity, physical security, and secure networking. FortiGate Rugged Series next-generation firewalls (NGFWs) and FortiAP Outdoor Series wireless access points provide robust security protection while withstanding the remote outdoor environments that must be covered. Surveillance solutions protect against physical intrusion, while Fortinet Secure SD-WAN and Fortinet SD-Branch provide secure networking to pumping stations and other remote sites. A wide range of threat detection, management and analytics, and access control tools are delivered from headquarters to provide comprehensive security.

FortiAP delivers secure, wireless access to distributed enterprises and branch offices and can be easily managed as a physical appliance or via the cloud. FortiSwitch offers a broad portfolio of secure, simple, and scalable Ethernet access layer switches to deliver superior security, performance, and manageability. FortiCamera offers a suite of secure, network-based video cameras to incorporate physical cybersecurity with network cybersecurity and bolster protection against cyber-physical attacks. FortiRecorder records footage from cybersecurity cameras with scheduled or manual recording and continuous or motion-activated activation. Rugged FortiGate next-generation firewalls (NGFWs) are built for harsh industrial environments, offering oil and gas companies an industrially hardened, all-in-one NGFW that delivers top-rated protection and high-performance inspection of cleartext and encrypted traffic. FortiSIEM simplifies security information and event management by delivering visibility, automated response, and fast remediation in a single solution. FortiDeceptor complements an organization’s existing breach protection strategy by deceiving, exposing, and eliminating attacks originating from internal and external sources before real damage occurs. FortiAnalyzer provides analytics-powered cybersecurity and log management to provide better detection against breaches. FortiNAC provides visibility across the entire network and the ability to control access for all devices and users, including dynamic, automated responses. FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches. The FortiAuthenticator identity and access management solution and FortiToken tokens grant access to users on a need-to-know basis.
FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. FortiPresence provides insight into the physical movement of people within OT sites both in real time and across time periods by leveraging the existing onsite Fortinet access points to detect each person’s smartphone Wi-Fi signal. FortiInsight user and entity behavior analytics (UEBA) technology detects behavioral anomalies and noncompliant activity that may represent possible insider threats.

Securing Downstream Infrastructure

Refineries and other processing locations are also targets of both physical and cyberattackers, and either type of attack can cause significant physical danger to employees and the general public. Successful attacks can also impact the national economy with supply shortages. Threats can emanate from the outside, the inside, and from third parties. And while some insider attacks may be deliberate, others may be accidental.

To provide protection in such a volatile location, security teams need single-pane-of-glass visibility into the entire network, as well as the surveillance infrastructure.

The Fortinet Security Fabric protects cyber and physical security at these facilities in an integrated and holistic way. FortiGate Rugged Series next-generation firewalls (NGFWs) and FortiAP Outdoor Series wireless access points provide robust security protection while withstanding a variety of environmental challenges. Video surveillance solutions protect against physical intrusion, while a wide range of threat detection, management and analytics, and access control tools—often delivered from headquarters—provide layers of security for the site.

FortiAP delivers secure, wireless access to distributed enterprises and branch offices and can be easily managed as a physical appliance or via the cloud. FortiSwitch offers a broad portfolio of secure, simple, and scalable Ethernet access layer switches to deliver superior security, performance, and manageability. FortiCamera offers a suite of secure, network-based video cameras to incorporate physical cybersecurity with network cybersecurity and bolster protection against cyber-physical attacks. FortiRecorder records footage from cybersecurity cameras with scheduled or manual recording and continuous or motion-activated activation. Rugged FortiGate next-generation firewalls (NGFWs) are built for harsh industrial environments, offering oil and gas companies an industrially hardened, all-in-one NGFW that delivers top-rated protection and high-performance inspection of cleartext and encrypted traffic. FortiSIEM simplifies security information and event management by delivering visibility, automated response, and fast remediation in a single solution. FortiDeceptor complements an organization’s existing breach protection strategy by deceiving, exposing, and eliminating attacks originating from internal and external sources before real damage occurs. FortiAnalyzer provides analytics-powered cybersecurity and log management to provide better detection against breaches. FortiNAC provides visibility across the entire network and the ability to control access for all devices and users, including dynamic, automated responses. FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches. The FortiAuthenticator identity and access management solution and FortiToken tokens grant access to users on a need-to-know basis.
FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. FortiPresence provides insight into the physical movement of people within OT sites both in real time and across time periods by leveraging the existing onsite Fortinet access points to detect each person’s smartphone Wi-Fi signal. FortiInsight user and entity behavior analytics (UEBA) technology detects behavioral anomalies and noncompliant activity that may represent possible insider threats.

Securing Corporate Infrastructure

Oil and gas companies’ corporate infrastructures contain a variety of business-critical data, from geological and exploration data to financials to the personal information of employees and consumers. Most companies have remote and traveling workers, third-party partners with access to corporate resources, and services in multiple clouds. In addition to protecting these resources from external attack, it is crucial to protect against well-intentioned and malicious insiders exposing confidential data.

While a disaggregated security architecture impedes both security and operational efficiency, single-pane-of-glass visibility and control enhances both. End-to-end integration of the security infrastructure unlocks automation of threat detection, response, and reporting, freeing up time for well-paid security personnel to focus on strategic tasks.

The Fortinet Security Fabric provides an integrated security architecture that makes this possible. Fortinet covers the entire attack surface, from the data center to multiple clouds to the network edge, with broad, integrated, and automated protection. Fortinet Dynamic Cloud Security solutions break down silos between multiple public and private clouds, enabling consistent policy management. FortiManager, FortiAnalyzer, and FortiSIEM provide comprehensive management and analytics. FortiInsight and FortiDeceptor help protect against insider threats. And companies can protect devices and applications with FortiWeb, FortiMail, FortiClient, and FortiEDR. 

FortiGate NGFWs utilize purpose-built security processors to help companies deliver top-rated protection and high-performance inspection of cleartext and encrypted traffic. They are available in multiple form factors. FortiSIEM simplifies security information and event management by delivering visibility, automated response, and fast remediation in a single solution. FortiDeceptor complements an organization’s existing breach protection strategy by deceiving, exposing, and eliminating attacks originating from internal and external sources before real damage occurs. FortiAnalyzer provides analytics-powered cybersecurity and log management to provide better detection against breaches. FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches. The FortiAuthenticator identity and access management solution and FortiToken tokens grant access to users on a need-to-know basis. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. FortiPresence provides insight into the physical movement of people within OT sites both in real time and across time periods by leveraging the existing onsite Fortinet access points to detect each person’s smartphone Wi-Fi signal. FortiInsight user and entity behavior analytics (UEBA) technology detects behavioral anomalies and noncompliant activity that may represent possible insider threats. FortiCWP evaluates and monitors cloud configurations, pinpoints misconfigurations, and analyzes traffic across cloud resources. FortiWeb web application firewall secures cloud-based resources and DevOps environments by protecting against known and unknown threats, including sophisticated threats such as SQL injection, cross-site scripting, buffer overflows, and DDoS attacks.
FortiCASB manages access to valuable cloud applications and data across multi-cloud deployments.

Securing Oil and Gas Retail Locations

Oil and gas retailers usually sell other items as well, and they face similar challenges to other brick-and-mortar retailers. In addition, they have numerous Internet-of-Things (IoT) devices, such as IP cameras and sensors that track tank levels and refrigerator temperatures. Fuel tanks on the property add extra safety and compliance requirements that other retailers do not have, and self-service, outdoor point-of-sale (POS) infrastructure presents another risk. As a result, the integration of cyber and physical security is critical, as is compliance with Payment Card Industry (PCI) standards and providing a pleasant in-store experience.

Such a complex set of business and security needs makes end-to-end integration of the security architecture especially important for gasoline retailers. Such an infrastructure eliminates the need for manual processes and workarounds that slow threat response and take staff members away from their mission of customer service.

Fortinet networking and security solutions help connect different locations in a chain, providing robust network security and automated compliance reporting. FortiGate next-generation firewalls (NGFWs) deliver robust protection for the entire attack surface, with many features built in that require an additional hardware purchase with other vendors. Fortinet Secure SD-WAN provides secure networking to all store locations without the need for expensive multiprotocol label switching (MPLS) bandwidth. And Fortinet SD-Branch solutions extend Fortinet security and networking within each store.

This infrastructure also allows for shared security services to be delivered from headquarters, including access management, advanced endpoint security, behavioral threat detection, and deception technology. In addition, management and analytics tools enable single-pane-of-glass visibility and automated reporting for compliance with standards like the PCI Software Security Framework (SSF).

FortiAP delivers secure, wireless access to distributed enterprises and branch offices and can be easily managed as a physical appliance or via the cloud. FortiSwitch offers a broad portfolio of secure, simple, and scalable Ethernet access layer switches to deliver superior security, performance, and manageability. FortiCamera offers a suite of secure, network-based video cameras to incorporate physical cybersecurity with network cybersecurity and bolster protection against cyber-physical attacks. FortiRecorder records footage from cybersecurity cameras with scheduled or manual recording and continuous or motion-activated activation. FortiGate NGFWs utilize purpose-built security processors to help companies deliver top-rated protection and high-performance inspection of cleartext and encrypted traffic. They are available in multiple form factors. FortiSIEM simplifies security information and event management by delivering visibility, automated response, and fast remediation in a single solution. FortiDeceptor complements an organization’s existing breach protection strategy by deceiving, exposing, and eliminating attacks originating from internal and external sources before real damage occurs. FortiAnalyzer provides analytics-powered cybersecurity and log management to provide better detection against breaches. FortiNAC provides visibility across the entire network and the ability to control access for all devices and users, including dynamic, automated responses. FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
The FortiAuthenticator identity and access management solution and FortiToken tokens grant access to users on a need-to-know basis. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. FortiPresence provides insight into the physical movement of people within OT sites both in real time and across time periods by leveraging the existing onsite Fortinet access points to detect each person’s smartphone Wi-Fi signal.