Governance & Risk Management , Legacy Infrastructure Security , Operational Technology (OT)

Securing Oil and Gas: Legacy Systems and Modern Threats

Noble Drilling CISO on Managing Old and New Tech, Challenges and Strategies
Bemi Anjous, CISO, Noble Drilling

Managing cybersecurity in the oil and gas industry involves unique challenges as firms rely on both legacy systems and modern technologies. Many devices in use were built decades ago without current security guidelines, making them vulnerable to cyberattacks, said Bemi Anjous, CISO at Noble Drilling.

See Also: From Data to Decisions: Maximizing Operational Efficiency Through IT-OT Integration

Legacy systems often depend on obsolete software such as Windows 95, which is no longer supported. The key to mitigating these risks is effective asset inventory management and understanding the associated risks of each asset, Anjous said.

"It's common, because a lot of these devices are built up to 10 to 20 years ago, and back then when they were built, they weren't thinking of IT and OT security. They were thinking of engineering," he said. "Over time, that does evolve, and right now we're seeing the impact of the attacks coming through those security gaps."

In this video interview with Information Security Media Group at the Cyber Security for Critical Assets USA Summit in Houston, Anjous also discussed:

  • Balancing the needs of legacy technologies with the constant emergence of new technologies;
  • The importance of asset inventory management and risk assessment;
  • The need for effective communication strategies between IT and OT teams.

In his role at Noble Drilling, Anjous bridges the gap between IT and OT by leveraging his engineering background. He has expertise in optimization and cost reduction, outsourcing management and shared services, OT/manufacturing security and compliance, and strategy and forecasting.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.