Solutions to ensure information security for Oil, Gas and Energy Enterprises

With the rapid development of digital technology in the 4.0 era, network security is becoming a concern for every user and business. The Oil and Gas industry is an important segment of the global economy. There are millions of people around the world working in the industry. They are responsible for powering homes, businesses, transportation systems, as well as supporting trade, technological upgrades, infrastructure development, etc. Like most industries today, Oil and Gas Companies are increasingly dependent on digital technology – making implementing an information security strategy more important than ever.

In Vietnam, according to statistics from the Information Security Department, in October 2023 alone, the Department issued warnings and instructions for handling 1,010 cyber attacks that caused problems on information systems in Vietnam, an increase of 17.9% over the same period in 2022.

The situation is quite serious: this November, a number of Oil and Gas, Electricity businesses and organizations in Vietnam were also attacked by ransomware and caused a lot of impact on operations as well as significant losses.

This is the time for Oil and Gas organizations and businesses to immediately review and strengthen their capacity to ensure information security, reduce the risk of being attacked as well as limit the impact if attacked. Below are some suggestions from Mr. Jack Bui – Founder of Vina Aspire, member of Vietnam Information Security Association (VNISA) on this issue:

1. Establish an IT professional board and department, set aside procurement budget, pay attention to salaries and worthy income for IT workers;
2. Develop and implement a cyber security policy to ensure that all employees understand and follow security measures.
3. Deploy network security monitoring (SOC) and centralized information security monitoring and management (SIEM) services provided by network security companies (Refer to IBM Security Qradar solution, Splunk) to monitor unusual activities and early detection of threats.
4. Regularly and periodically conduct penetration testing (Pentest) & organize Cyber Security and Information Security drills;
5. Develop & comply with standards and deployment models for information security tools (eg ISO 27000, NIST, multi-layer protection models, etc.).
6. Invest in vulnerability management solutions and tools, ensure to review and update software patches and handle vulnerabilities on systems regularly and promptly. Ensure that all systems and software are regularly updated with the latest patches to address security vulnerabilities.
7. Deploy Network Access Control – NAC solution. (Refer to MetaAccess NAC solution)
8. Apply modern multi-factor authentication methods, capable of protecting against fraud, deploy identity management systems, access management, and privileged account management to protect throughout the process Operate IT systems and use applications. (Refer to CyberArk’s solution)
9. Apply the Zero Trust Security model in IT system administration; Zero Trust is a security model based on the idea that businesses should not have a default trust option for anything outside or inside their boundaries. Instead, they must authenticate everything that attempts to gain access and connect to the system before access is granted.
10. Apply 2-Factor Authentication (2FA) and Multi-Factor Authentication (MFA) to enhance login security.
11. Safety testing, evaluating third-party applications and software to ensure they do not create system security vulnerabilities.
12. Deploy a web application protection solution (WebApp Security), refer to F1 Security solution.
13. Timely upgrading and updating new generation firewall solutions Next Generation Firewall helps prevent high-tech attacks along with the ability to decode and detect hidden dangers. Properly configure firewalls to control network traffic and block external threats; Use Intrusion Prevention Systems (IPS) to promptly detect and prevent threatening acts to the network system. Check out Palo Alto’s latest generation firewall solution, Checkpoint;
14. Upgrade a highly secure wireless network system. With increased demand for data-intensive applications and growing cyber threats, a fast and reliable network is essential. Furthermore, traditional wireless network systems simply cannot keep up with the needs of hybrid work environments (Refer to Cisco’s Wifi6 solution here, or Ruckus Cloud here.
15. Install and maintain antivirus and anti malware software on all devices connected to the network, especially upgrading antivirus software to the latest EDR solution to help detect and respond to unknown attacks Endpoint Detection Response (EDR) (Refer to Kaspersky, Trendmicro, Crowdstrike);
16. Deploy data and email encryption solutions to protect important data during transmission and storage. (Refer to PrimX encryption solution)
17. Deploy data loss prevention solution – Data Loss Prevention (Refer to Vina Aspire)
18. Perform periodic backups of important data and develop a data recovery plan after incidents; Apply the 3 – 2 – 1 Backup rule;
19. Invest in anti-encryption (SAN) storage devices. (Refer to IBM Flash System 7300 solution)
20. Back up data or save a backup copy (on the cloud or on your infrastructure) with solutions to protect and restore if the original copy (data) is ransomware (for example, have a strong authentication method when needed). access or delete backups, deploy protection solutions or physically and logically separate backups…). Refer to Veeam, ExaGrid, VABackup solutions
21. Deploying DR as a Service (DRaaS), IT system disaster prevention & recovery allows redundancy, recovery and continued use of critical technology infrastructure and data systems. even when natural or human-caused disasters occur.
22. Deploy solutions for Service Management and Operations Management teams (including ITIL = IT Services Management ITSM + IT Operation Management ITOM and IT Security) – providing real-time services and support, creating relationships Linking business activities with modern technology infrastructure, including: desktop computers, applications, servers, networks, information technology resources,… helps businesses manage and control various information technology devices to increase efficiency and security when used. (Refer to ManageEngine solution).
23. Consider implementing a Virtual Computer System that allows you to provide a more flexible and secure working environment than the traditional computer model. In addition, the virtual computer system is tightly and unified managed, allowing for quick and effective deployment. (Refer to Vina Aspire’s solution)
24. Upgrade the video conferencing system to ensure information security, refer to Cisco Webex solutions here.
25. Set up security policies and manage access permissions to minimize risks from unauthorized users.
26. Consider purchasing Cyber Security insurance to prevent difficulties and possible losses.
27. Enhance information security awareness training for users, especially about the risk of ransomware attacks. Train employees on cyber safety measures and how to avoid online threats, including social engineering techniques.

From practice through recent attack cases, in addition to the above solutions, the most common reason for hackers to penetrate, install and activate ransomware is due to weak user authentication ( use password only). Typically, in the recent attack on entertainment company MGM Resorts International, the attacker impersonated MGM employees (with personal information collected from LinkedIn) and called customer support. used MGM’s IT Helpdesk to get login information and attack the system, causing damage of up to 100 million USD. Therefore, one of the solutions that needs to be equipped is modern multi-factor authentication, biometric authentication or knowledge-based authentication to be able to combat phishing attacks. (phishing resistant MFA).

By combining the above solutions, Oil and Gas Enterprises can build a comprehensive cybersecurity strategy to protect their data and systems from online threats.

Vina Aspire is a consulting company, providing IT solutions and services, network security, information security & safety in Vietnam. Vina Aspire’s team includes skilled, qualified, experienced and reputable experts and collaborators, along with major domestic and foreign investors and partners to join hands in building.

Businesses and organizations wishing to contact Vina Aspire Company with the following information:

Email: info@vina-aspire.com | Website: www.vina-aspire.com
Tel: +84 944 004 666 | Fax: +84 28 3535 0668

Vina Aspire – Vững bảo mật, trọn niềm tin