DNVGL.no

Breadcrumbs

Information and cyber security

Protecting your critical information, IT and systems

Kontakt oss

Pål Børre Kristoffersen Pål Børre Kristoffersen
Principal Consultant
Petter Myrvang Petter Myrvang
Head of Section Information Risk Management
SHARE:
PRINT:
Information and cyber security

In the Norwegian energy and oil and gas sector alone, more than 50 cyber security incidents are detected the last year.* 

The critical network segments in oil and gas production sites used to be kept isolated, but the trend towards remote operations, remote maintenance and tighter inter-operability (with centralised process data and plant information systems) means that is no longer practical. 

New integrated and networked solutions provide an ever-larger target for cyber threats. Dealing with information and cyber-security challenges has become a key focus area in oil and gas operations. 

DNV GL can help you protect critical information, IT and systems in oil and gas assets and operations – onshore and offshore. Our independent risk-based approach is founded on wide industry expertise and experiences in cyber-security, industrial networks and control systems. We use best practices, relevant standards and proven techniques /supporting tools, such as:

  • ISO 27000 (information security) and ISO 31000 (risk management) series
  • NOG 104 guidelines family, NIST 800, ISA 99 and ISA/IEC 62443 for industrial IT and automation
  • EasyRisk Manager database tool for risk registry, assessments and follow-up.

What you get:

  • Initial and comprehensive ‘health checks'
  • Risk identification, assessments, mitigations and follow-up, including risk and vulnerability assessments
  • Specification, management and follow-up of company requirements and standards
  • Robust, reliable and secure simulations and testing of systems and networks
  • Tailor-made studies and analyses of networks and systems
  • Better protection of critical information, it and systems
  • Systematic identification, mitigation and follow-up of information and cyber-security risks
  • Regulatory compliance
  • Improved operations regularity and business continuity
  • Brand protection.


*Source: Norwegian National Security Authority