Cybersecurity Activity Generating its Own Set of Big Data

While an exact estimate is not known, Moreda said the company each month is seeing billions of raw events – cyber events before data is analyzed – in its operation centers, and that emails that the company filters to detect cyber-threats involve terabyte and petabyte file sizes.

“The data they own is one of their greatest assets,” said John Cosby, solution architect at BAE. “A lot of companies are jealously guarding the data science they do and treating it as very valuable intellectual property.”

The oil and gas industry’s history of using very large data sets to guide their exploration and production means that they have developed some very sophisticated models over the years. Companies are expected to continue working their way down the value chain to try and gain a market edge with the data they already have.

The fact that ICS/SCADA monitoring systems, which were previously detached from the network, are being connected to Internetworks, and Internet, unfortunately, for the security perspective, and their data is being captured in existing solutions, industry expert Thomas Quinlan told Rigzone.

While it may take longer than regular ‘Big Data’, Quinlan thinks that ICS data is definitely coming as another source of Big Data, most likely in 2016.

“People are very concerned about security – and rightly so – and are focusing there first. However, they’re soon going to want a data science perspective on all the information they didn’t previously have access to, once they can get around the different protocols and formats.”

Other Cybersecurity Trends in 2015

Geoff Graham, who oversees mostly oil and gas activity at BAE, is seeing the convergence of physical and cybersecurity risks as companies introduction automation to link business and OT operations. Much of this convergence is very specific and targeted in places such as collaboration centers to allow for subject matter experts to impact operations in a centralized way.

“There are a lot of people starting to look at how to approach physical and cybersecurity risk from an integrated perspective,” said Graham. “You can have as much cybersecurity as you want to protect yourself in the digital realm, but if somebody can walk into your building and steal a laptop, it doesn’t matter.”

The attack surface for oil and gas companies also can be increased if someone brings a data-stick into an area and infects the system.

Until recently, many of the oil and gas companies that John Dickson, principal at San Antonio-based Denim Group, has worked with viewed security through the lens of physical security. He has seen companies struggling with the genuine challenge of cyber-related vulnerabilities and risk struggling to complete with physical safety and security issues inherent in oil and gas.


View Full Article


Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be removed.