'CRQM for Natural Gas Production' is written by DeNexus' Director of OT Cybersecurity, Donovan Tindill.
The Times Have Changed. Ransomware continues to be the leading cybersecurity threat, and due to IT-OT integration and convergence of technologies, it is an increasing impact in industrial control systems (ICS) environments as well. A decade or two ago, operational technology (OT) cyber incidents were mainly attributed to configuration errors and unintentional IT malware causing reboots or network congestion in OT systems. But today, ransomware takes the lead, causing far-reaching impacts in industries with its more intelligence human-driven command and control capabilities, fast propagation, data exfiltration capabilities, and of course the denial of service (DoS) caused by data encryption. Now with ransomware, it is big business for cyber extortionists to target as many organizations as possible.
The Rise of Natural Gas. With the phasing out of coal and a global shift towards cleaner energy, dependency on natural gas is increasing. In various regions, it's the backbone for heating and electricity needs. In the energy industry, there was a time when methane gas in an oil well was wastefully burnt off; now it’s captured and monetized. Aided by hydraulic fracturing (aka., fracking) in the last decade or so, and an attempt to reduce the dependency on energy imports, natural gas production domestically has increased even further. But the economics of gas production are intricate.
A Peek into the Economics. The natural gas market has seen its highs and lows. Just six months ago, the industry was 10-year highs with prices over USD$7.50 per mmbtu (millions of BTUs). Now, the Henry Hub spot price hovers around USD$2.64/mmtbu in North America, just teetering at the break-even point for many producers. Gas exploration, drilling and extraction is a high capital expense, with the highest production occurring at the start of new wells, then declining rapidly over time. Downtime, thus, has severe financial implications in Gas Production, especially for older wells that have declining profit margins. Loss of view or control event, or even loss of data, can also incur other penalties for not having the necessary compliance reporting data, such as environmental monitoring.
Calculating Losses. Imagine a cyberattack, most likely a ransomware delivered via phishing, hitting a natural gas producer. The clock starts ticking immediately. Within a short span, costs grow rapidly:
For context, natural gas production at a rate of 500 million cfd (482,000 mmbtu/d), a week's halt in gas production can lead to revenue losses over USD$80M at the current rate of $2.64/mmbtu. Combine this with the expenses of downtime, cybersecurity response & recovery, environmental penalties, contractual penalties, it is difficult for most cybersecurity professionals to integrate business and operations losses into the justification of cybersecurity budgets & projects.
What is Cyber Risk Quantification and Management (CRQM)? Faced with business and operational costs like those listed above, against the technical complexities of cybersecurity, an organization wants to know if they should sustain or increase their cybersecurity investment, what is their risk, and what should they do about it.
CRQM provides a methodology to model:
Essentially, CRQM helps estimate the financial impacts of a cyber event, assisting in making informed decisions. For instance, how would a price surge per unit affect the losses from an OT cyber event? Which cybersecurity investment offers the highest risk reduction, or maximizes the return on the investment?
Our team at DeNexus is focused on understanding the unique costs & impacts of different industry verticals. We devote our attention to understanding when an IT data breach could cross the line into OT, leading to tangible operational consequences. We establish baselines using known cyber events with evident ICS/OT losses, aiming to bridge the data gap about cyber incidents in specific sectors. By understanding the variances between sectors, we can predict similar loss proportions in different organizations and industries. CRQ helps estimate those costs, CRQ+M helps you better manage those costs and aid decision-making in multiple facilities each having different financial attributes and security controls in place.
DeRISK Cyber Risk Quantification and Management Platform
To navigate this multifaceted landscape, forward-thinking organizations are turning to Certified Risk Quality Management systems. Leveraging platforms like DeNexus' DeRISK Cyber Risk Quantification and Management platform, gas generation companies can amalgamate data from standards like NIST CSF, ISO 27001 or DeNexus’ proprietary DNX CSF with the nuanced insights from facility managers, integrating them seamlessly with evidence-based data from various passive and active monitoring solutions across the manufacturing ecosystem.
By enhancing DeRISK integrated data powered by AI, ML and Probabilistic Inference with specific business operational metrics for manufacturing, DeRISK offers an enriched understanding of the overall risk profile. For individual facilities and complex portfolios. This convergence of Cybersecurity, Operational Technology, and business metrics ensures that organizations can gauge threats not just from a technical standpoint but also from a holistic, business-impact perspective.
On top of this, DeRISK enriches this integrated dataset by incorporating business operational metrics specific to gas generation facilities —such as production losses, equipment downtime, HS&E Penalties, and Operational Costs and Restart —. These metrics enable organizations to derive more nuanced insights into their overall risk profile, combining the typically siloed worlds of Cybersecurity and Operational Technology. By synthesizing all of this data, the DeRISK translates multifaceted insights into quantifiable business impact, thus allowing for well-informed, strategic decision-making facilitated by DeRISK Cyber Project Simulator that aligns with both organizational goals and risk tolerance. This holistic approach provides an enhanced security posture that meets the high standards of multiple leading industry guidelines.
By marrying cybersecurity risk quantification and management with the operational nuances of gas production facilities, DeRISK by DeNexus stands as a testament to the future of secure, efficient, and resilient gas generation facilities in the age of digital transformation.
Click Here to read more about the DeNexus Knowledge Center and the DeNexus Trusted EcoSystem.
Click Here to learn more about DeRISK, a comprehensive Cyber Risk Quantification and Management platform!
______________________________________________________________________________
See the Dashboard & Access The DeRISK Platform!
Donovan Tindill : Nov 13, 2023 9:04:07 PM
'CRQM for Natural Gas Production' is written by DeNexus' Director of OT Cybersecurity, Donovan Tindill.
Juan Carlos Cortinas Abad : Nov 3, 2023 8:42:58 AM
'Cyber Risk Quantification and Management for Electric Power Generation Systems' is written by DeNexus' Director of Cybersecurity, Juan Carlos...
Juan Carlos Cortinas Abad : Oct 31, 2023 4:12:03 PM
'CRQM in Electric Transmission and Distribution Systems' is written by DeNexus' Director of Cybersecurity, Juan Carlos Cortinas.