Biorefinery Deploys Comprehensive OT Cybersecurity Risk Management Plan

Challenge

Following the directive of the company’s board of directors and their business insurance carrier’s requirements to underwrite the organization’s cyber insurance policy, plant management needed to provide assurance that the proper safeguards were in place to ensure system reliability, uptime, and security.

While the biorefinery already had formal security measures being used to protect its critical infrastructure, much of the policies, procedures, hardware, software, and documentation were out of date, so it was certain that the entire OT network needed to be fully revamped and brought current with industry standards.

Realizing that the successful deployment of this project in a timely manner would require a level of expertise beyond the capabilities of the plant’s existing staff and resources, the customer sought professional assistance from the OT Cybersecurity team at Novaspect, an Emerson Impact Partner.

Solution

Novaspect’s OT Cybersecurity specialists worked in conjunction with the biorefinery to analyze, architect, engineer, and deploy a robust, vendor-supported OT Cybersecurity Management Plan, to include:

Control system network security risk assessment and vulnerability scanning report.
Cybersecurity solution for the entire plant to include all control elements (PLC/DCS) from multiple vendors including Emerson, Rockwell, and Trident.
Centralized policy management structure.
Integrated Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT).
Network scans of the area control network (ACN) and both wired and wireless devices.
Endpoint & Whitelisting, OT System Hardening, Controller Firewall, DMZ Firewall, User Access Management, Drawings, and Policy Creation.
Detailed Design Document (DDD).
Training and implementing new standards and policies with assigned stakeholders at the plant.
Ongoing maintenance and support.
Twice yearly review of existing standards and policies with updates and retraining as needed to reflect changes in best practices.

In addition, the plan would ensure in-scope requirements are documented and comply to standards defined within:

ISA/IEC 62443
Achilles Practice Certification (APC) Bronze Level
CIS (Center for Internet Security) Critical Security Controls
DeltaV™ Security Manual
Customer’s IT/OT best practices, policies, and procedures

Outcome

The biorefinery had their entire OT network infrastructure redesigned and secured by the cyber experts at Novaspect which ultimately enabled the company to save substantially on the annual cost of its cyber insurance policy premium.

The insurance savings in the first year alone far surpassed the cost of the cybersecurity project, so it was deemed as well worth the investment.

By partnering with Novaspect, the plant’s stakeholders can now rest assured that the control system is safeguarded with a robust cybersecurity solution that will withstand threats now and into the future.

Move forward in your pursuit of OT Cybersecurity and connect with an experienced team you can trust. Novaspect’s cybersecurity engineers are ISA/IEC 62443 certified.