Introduction
I am writing to propose a thorough cybersecurity assessment and gap analysis for Jurassic Fuel Storage and Transport. As a cybersecurity consultant, my objective is to ensure that your organization’s cybersecurity infrastructure is resilient to constantly changing threats. Protecting vital infrastructure in today’s digital world is crucial (Calder, 2018). As a major contributor to the petroleum industry, Jurassic Fuel Storage and Transport is not exempt from cyber threats. A cybersecurity assessment is a systematic initiative meant to examine your company’s cybersecurity posture, detect the weak points, and offer helpful recommendations on strengthening resilience. The central personnel who will participate in the assessment are those in charge of IT operations, cybersecurity governance, and risk management. These stakeholders will ensure a comprehensive understanding of the company’s cybersecurity environment. Recent cyber threat trends show that the energy sector is a prime target. Threat actors use advanced phishing techniques to exploit Industrial Control Systems (ICS) vulnerabilities. Reports like the Verizon Data Breach Investigations Report also show attackers’ evolving techniques, procedures, and tactics (Krumay, 2018). This assessment aims to provide Jurassic Fuel Storage and Transport with specific recommendations to minimize the potential risks and improve cybersecurity resilience.
We look forward to working together with your team to strengthen cybersecurity defenses.
Identify
Identify is a function of the National Institute of Standards and Technology (NIST) Cybersecurity Framework. It is a crucial function in the context of Jurassic Fuel Storage and Transport, mainly due to the complexities of the petroleum industry. The phase entails an in-depth evaluation of all the components that make up the workforce and infrastructure of a facility. Jurassic Fuel Storage and Transport’s digital environment consists of tablets with sensors for onsite staff, desktop computers in the operations office, and desktop computers in a remote office. The devices are used for communication, order processing, and remote monitoring of the Industrial Control Systems that regulate the onsite activities. Every digital asset will be carefully evaluated to determine its configuration and potential vulnerabilities. The lack of Wi-Fi on the premises calls for an emphasis on other secure data transmission modes. Tablets that rely on USB connections are at risk of cyber-attacks, and a thorough evaluation will examine strategies to safeguard the data transfer points to reduce vulnerabilities. Identifying the cybersecurity risks will also include understanding personnel practices. The 25-30 employees working the three eight-hour shifts demand a detailed evaluation of user roles and access during the shifts. Incorporating a human-centric approach ensures that cybersecurity strategies also consider the possibility of insider attacks or unforeseen vulnerabilities arising from personnel practices (U.S. Department of Homeland Security, 2020). Using Office 365 for remote administrative work adds a digital component to personnel practices. It enhances operational flexibility and hence needs a thorough evaluation of data security and access controls to prevent potential cyber threats from unauthorized access.
The evaluation starts with a thorough inventory and analysis of the sixteen storage tanks, each with a capacity of more than 430,000 barrels. Each tank’s precise configuration, interconnectedness, and integrity are also thoroughly examined. The comprehensive assessment also covers the five transport trucks available for rental and the possibility of using customer-owned trucking equipment. The intricate interplay of transport, storage, and processing is governed by Industrial Control Systems (ICS), which are subject to thorough examination to detect and understand the risks (Shackelford, 2015). The identification process goes beyond the physical components that constitute Jurassic Fuel Storage and Transport Company’s daily routine. It also entails a detailed evaluation of personnel practices across the three eight-hour shifts. User access, responsibilities, and roles are carefully mapped to ensure the human element is incorporated into the cybersecurity risk management strategy. The human-centric approach recognizes that personnel practices influence the cybersecurity posture.
The identification part also covers the technological landscape, including the onsite boiler and propane-fired 150-horsepower boilers. The components are crucial to the facility’s functionality, as the propane-fired boiler offers the necessary energy for operations. A comprehensive cybersecurity approach demands understanding the configuration, weaknesses, and potential effects of the technological components (Shen, 2014). More precision is attained by including specific assets like the certified truck scale. Although the scale supports operations, it is a possible point of vulnerability if compromised. Besides, the dependence on external cloud services for data storage is another consideration. The in-depth identification process creates the baseline for Jurassic Fuel Storage and Transport’s risk mitigation strategy. It extends beyond asset enumeration, the current state of the technological landscape, and personnel practices. The objective is to develop a thorough understanding of the cybersecurity posture.
Protect
Building upon the insights from the Identify part, the Protect function of Jurassic Fuel Storage and Transport Company is meant to deal with the particular complexities of a petroleum storage and transport company. The protective strategies implemented consider the digital and physical aspects of facility operations (National Institute of Standards and Technology, 2018). The Protect function prioritizes physical security due to the critical nature of petroleum storage. The sixteen storage tanks and five transport trucks have surveillance systems, unique security protocols, and access controls that protect them. During the design of physical security measures, the insulated steam coil-equipped tanks are considered. The customized approach ensures the company’s physical infrastructure is protected from any potential threats and unauthorized access. When configuring the ICS, Jurassic Fuel Storage and Transport gives top priority to eliminating lateral movement in the event of a cyber breach. The segmentation strategy is influenced by the unique aspects of steam coil-equipped tanks, guaranteeing the individual protection of every operational component. Also, frequent patch management and vulnerability evaluations are performed with an emphasis on the particular technologies used in the ICS of the facility (Mylrea, 2017).
The Protect function also prioritizes the digital landscape. This entails configuring Industrial Control Systems, desktops, tablets, and other OT and IT systems securely (Krumay, 2018). The absence of Wi-Fi in the facilities is handled by creating secure data transmission methods and combating potential cyber-attacks that arise from physical data transfer points like USB connections. Acknowledging the human element in cybersecurity, the Protect function extends to personnel practices. These include ensuring data security and access control protocols inhibit unauthorized access, thereby minimizing the risk of cyber threats arising from remote administrative tasks. This can be achieved through frequent review of the use of Office 365 for administrative work. Besides, considering recent phishing activity, the Protect function also focuses on incorporating phishing awareness into training programs. Through the programs, employees can understand and recognize phishing emails.
The Protect function recognizes that the employees are among the most crucial lines of defense. Training programs have been carefully designed to tackle the petroleum industry’s unique difficulties. The workforce receives specialized training in physical security and digital security protocols pertaining to the operations and layout of the facility (Shen, 2014). The approach develops a workforce that understands both the physical security and cyber awareness aspects of company operations. The employee training programs also include simulated scenarios representing physical security and cyber threats. Integrating secure digital systems configuration, physical security measures, and targeted workforce training creates a holistic protective environment. The particular aspects of the certified truck scale are included in the comprehensive approach, allowing every aspect of company operations to be considered. The approach creates strong resilience, so the Protect function adapts to address Jurassic Fuel Storage and Transport’s specific difficulties.
More cybersecurity procedures are employed to protect the certified truck scale, which is often a point of interaction with external entities. Monitoring mechanisms and access controls are also employed to reduce the risk of unauthorized manipulation and access. To stay ahead of any potential cyberattacks that could target critical assets, the secure configuration of IT systems connected to the certified truck scale is frequently updated. The Protect function is a customized technique for Jurassic Fuel Storage and Transport, not a generic cybersecurity layer. It demonstrates an in-depth understanding of the company’s operational nuances, vulnerabilities, and assets, and a dedication to developing a protective environment that considers digital and physical security threats. The strategy allows the company to navigate the intricacies of the petroleum sector with a flexible cybersecurity posture (U.S. Department of Homeland Security, 2020).
Detect
The Detect function in the NIST Cybersecurity Framework is another critical component for the Jurassic Fuel Storage and Transport Company. It emphasizes the timely detection and careful monitoring of cybersecurity events. Using insights from the Identify and Protect functions, the Detect function addresses the specific difficulties present in the company’s digital infrastructure. To enhance the company’s capability to detect potential cybersecurity threats, it is essential to implement robust Intrusion Detection Systems (IDS). IDS monitors digital devices, network traffic, and essential assets like the Industrial Control Systems (ICS) that regulate onsite operations. The IDS is customized to detect any unusual actions unique to the company’s digital landscape, for instance, those involving tanks with steam coils and certified truck scales (Mylrea, 2017).
Digital devices like ICS components, tablets, and desktop computers can be monitored using the Detect function to detect unusual activity. The process entails tracking data transmission ports, especially those connected to tablet USB connections. Indicators of Compromise help determine threats, especially in the certified truck scale and steam coil-equipped tanks. Furthermore, employees are also trained to aid in detecting any unusual and suspicious activities, adding a layer of defense (National Institute of Standards and Technology, 2018). The detect function also aids in efficient response coordination. The company can then respond decisively and swiftly in case of a problem. This entails having specific responsibilities and roles in every shift.
Respond
The Respond function helps ensure an efficient and coordinated reaction to cyber incidents. The baseline of the Respond function is a well-defined incident response plan determined in the detection phase. The plan states the roles and duties for every shift, matching the personnel practices identified earlier. It acts as a guide so that the company reacts efficiently. The response plan is a living document, updated often to handle evolving cyber threats. The plan outlines clear communication protocols, as communication is essential in cybersecurity incidents. On detecting a cybersecurity incident, the Respond function applies strategies for containment and eradication. The process could involve isolating affected systems to inhibit further damage and incorporating measures to eliminate the threat. The Respond function also includes forensic analysis covering the affected devices, network traffic, and digital logs. The process helps detect the root cause of the attack, assign responsibility, and obtain essential information to improve future cybersecurity measures. Another critical component of the Respond function is ensuring the reaction meets regulatory and legal requirements (U.S. Department of Homeland Security, 2020).
Recover
The Recover function deals with reinforcing and restoring operations during a cyber-attack. The Recover phase uses insights from the Identify, Protect, Detect, and Respond functions to address the difficulties faced by the company in its digital infrastructure. One part of the Recover phase is data restoration, which relies on data storage and cloud services. The Recover function also entails rebuilding and reconfiguration strategies for digital assets like tablets, desktop computers, and Industrial Control Systems. The reconfiguration process applies insights from the protection phase, so the systems are rebuilt using improved security procedures. Another aspect of the Recover function is ensuring business continuity by reducing downtime and restoring normal business operations. The process involves using redundant systems for critical activities, leveraging personnel practices, and having smooth transitions between shifts. The Recover phase also includes initiatives to improve employee training and awareness of future cybersecurity threats. Furthermore, the company also performs an in-depth analysis of the incident using insights from the incident response evaluation and forensic analysis (Calder, 2018). The lessons obtained are applied to cybersecurity practices to ensure continuous improvement. Lastly, effective and transparent communication with partners, customers, and regulatory authorities is essential.
Conclusion
To sum up, the cybersecurity assessment proposal for Jurassic Fuel Storage and Transport has shown the need for a company to have a cybersecurity assessment. The assessment used the five NIST components: identify, protect, detect, respond, and recover. One company that improved from conducting cybersecurity assessments is Saudi Aramco. The company gained benefits like enhanced communication, a roadmap for progress, maturity measurement, and regulatory adherence. This proves that frequent cybersecurity assessments are essential in improving the results of any given company.
References
Calder, A. (2018). NIST Cybersecurity Framework: A pocket guide. IT Governance Publishing Ltd. https://books.google.co.ke/books?hl=en&lr=&id=rWxvDwAAQBAJ&oi=fnd&pg=PT9&dq=nist+cybersecurity+framework&ots=q_gZcYDuup&sig=n_sCdFJKIbY_7GBv_b6cwI-_0Kk&redir_esc=y#v=onepage&q=nist%20cybersecurity%20framework&f=false
Mylrea, M., Gourisetti, S. N. G., & Nicholls, A. (2017, November). An introduction to buildings cybersecurity framework. In 2017 IEEE Symposium Series on Computational Intelligence (SSCI) (pp. 1-7). IEEE. https://ieeexplore.ieee.org/abstract/document/8285228
National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 (NIST Cybersecurity Framework). https://nvlpubs.nist.gov/nistpubs/cswp/nist.cswp.04162018.pdf
Krumay, B., Bernroider, E. W., & Walser, R. (2018). Evaluation of cybersecurity management controls and metrics of critical infrastructures: A literature review considering the NIST cybersecurity framework. In Secure IT Systems: 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedings 23 (pp. 369-384). Springer International Publishing. https://link.springer.com/chapter/10.1007/978-3-030-03638-6_23
Shen, L. (2014). The NIST cybersecurity framework: Overview and potential impacts. Scitech Lawyer, 10(4), 16. https://www.proquest.com/openview/3d3347a7425bf7766977ec48e757e8d3/1?pq-origsite=gscholar&cbl=38541
Shackelford, S. J., Proia, A. A., Martell, B., & Craig, A. N. (2015). Toward a global cybersecurity standard of care: Exploring the implications of the 2014 NIST cybersecurity framework on shaping reasonable national and international cybersecurity practices. Tex. Int’l LJ, 50, 305. https://heinonline.org/HOL/LandingPage?handle=hein.journals/tilj50&div=14&id=&page=
U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency. (2020). Cyber Resilience Review (CRR) Method Description and Self-Assessment User Guide. https://www.cisa.gov/sites/default/files/c3vp/csc-crr-method-description-and-user-guide.pdf
U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency. (2020). Cyber Resilience Review (CRR) Question Set with Guidance. https://www.cisa.gov/sites/default/files/c3vp/csc-crr-question-set-and-guidance.pdf
Webb, J., & Hume, D. (2018, March). Campus IoT collaboration and governance using the NIST cybersecurity framework. In Living in the Internet of Things: Cybersecurity of the IoT - 2018 (pp. 1-7). IET. https://ieeexplore.ieee.org/abstract/document/8379712