

Case study

ServiceNow: Securing OT at an energy supplier
ServiceNow worked with a publicly listed energy company with millions of customers and more than 10,000 employees in the US to secure its operational technology and help it comply with the latest regulations.
Part of the problem was that the utility lacked visibility of its operational technology and equipment, which was affecting its ability to manage risk. “If you don’t know what you don’t know, that’s probably the worst scenario to be in,” explains Ben Barker. “It meant our client was struggling with compliance and auditing of its operations.”
The context
US infrastructure is being heavily targeted by persistent threat actors. As a result, the regulator is pushing energy companies to harden and secure their infrastructure.
ServiceNow worked with the energy company to develop a detailed understanding of its infrastructure and assets. “What you need is a very precise understanding of operational assets, not a historic level of understanding – or the understanding you had in the past,” says Barker. “If someone hostile accesses an energy facility or substation, you want to know about it immediately.”
He adds that if all the technology within the network were new, that job would be more straightforward. “In the energy sector, you can’t just replace everything. Many energy companies have a huge diversity of systems and infrastructure – you need a hammer to fix one thing, and a computer for the other. If a hostile actor wants to target you, the OT space tends to be quite open. It’s not like IT, where companies have been hardening themselves for a long time and reducing attack vectors – it is much harder to penetrate those areas.”
Identifying problems early
The US customer could have assessed its infrastructure using people power, but inefficiently and at a high cost. In just six months, ServiceNow was able to automate this process to understand dependencies and risks in the network. “The system surfaces problems before they happen. If something slips through the net, you’re quickly able to isolate where the problem is and restore services or power outages.”
ServiceNow clients typically have two approaches to taking control of OT. One is to implement technology at one site and get everything working so that it becomes a blueprint for a much wider rollout. A British manufacturer, a household name, used one of its facilities in Japan for this purpose. Barker says: “The other way people do it is to start with breadth: go out to every facility, every plant, and every substation, and ask, ‘which areas do I need to secure the most? Where are the gaps?’.”
The results
ServiceNow’s work for the US energy company has streamlined plant processes and improved its readiness for, and response to, cyber security threats. The client has also been able to develop a unified, single source of truth for OT information, which has helped it in its most recent interactions with regulators. The work has also reduced the number of manual processes and the company’s overall risk profile.
