After a very ‘rewarding’ fall in which Cimation received numerous awards and recognitions for its work in automation, systems integration, and cyber security, the wins just keep on coming. Yesterday, the SANS Institute1 announced the winners of its 2015 Difference Makers Award, an annual award that (according to the official press release) “celebrates those individuals whose innovation, skill and effort have driven real advances in information security.” Among this year’s list of 11 recipients was Cimation’s own Austin Scott, former founder and CEO of Calgary’s Synergist SCADA and current leader in our well-established ICS cyber security practice. He is currently working as a Cimation representative on the Shell PCD IT Security program, a global program to standardize cybersecurity technology and processes across the company’s international assets.Read More
In recent years, advances in technology have allowed companies throughout the energy industry to significantly enhance the automation, monitoring, and control of their operations. This digital shift was marked by the introduction of the Industrial Internet of Things (IIoT) into process control environments, where connected devices revolutionized the way operators and enterprise personnel interact with and analyze Industrial Control Systems (ICS). These increased capabilities of IIoT-enabled devices and their further integration with the enterprise network have provided operators with a wide range of benefits across the entire value chain. However, they have also come with an important trade-off that shouldn’t be taken lightly: increased exposure to vulnerabilities.
In light of this digital shift, endpoint security for ICS, whether in the form of firewalls, host intrusion prevention systems (HIPS), patch management, or any of the myriad of technologies designed to keep endpoints secure, has become increasingly important. Application whitelisting (AWL) is another, specific form of endpoint security that’s proved to be a safe and reliable option for a wide range of production environments. As both the volume and variety of malware threats continue to increase, the advantages it can provide over other endpoint security measures are becoming more and more evident.Read More
Recently, KPMG and Cimation met with about thirty members of the Calgary business community to discuss industrial control system (ICS) security. Over breakfast and a brief presentation, we discussed the challenges organizations are facing as they try to develop, implement, and actively demonstrate the return on their cyber security strategies. Often these conversations focus on intentional cyber incidents; however, our conversation was dominated by a number of comments related to accidental infractions, which could be mitigated as well through increased governance and improved processes.Read More
Sometimes, things just don’t work the way that they should. This is especially true in the chemical and petrochemical refining industries, where processes, often consisting of hundreds and sometimes even thousands of pieces of equipment and control systems, have to work in sync to achieve a very specific outcome. When one of these systems or pieces of equipment goes awry, the process enters what’s known as an “abnormal situation” – which as defined by the Abnormal Situation Management Consortium as “a disturbance or series of disturbances in a process that cause plant operations to deviate from their normal operating state.”
Though in some instances, the impact that an abnormal situation can have on a process is minimal, the dynamic nature of process control environments means that even the smallest of problems can potentially evolve into something catastrophic. In any case, regardless of its severity, an abnormal situation often results in more downtime, less productivity, and most importantly, reduced safety. But by using HMI graphics that embrace the ASM standards, operators can reduce the costly impacts associated with abormal situations through clear and decisive action.Read More
As any organization will tell you, the last twelve months have been a rollercoaster as oil and gas prices dropped, rebounded slightly, and dropped again. With companies struggling to maintain their revenue amidst a slew of corporate layoffs extending from the largest operators to the smallest service providers, it’s been a tumultuous twelve months for all of us. Which is why celebrating the wins (both big and small) is so important.
This month, Cimation racked up a number of company accolades thanks to our continued success providing consulting, engineering and system integration services for energy companies throughout Houston and around the world.Read More
October is Cyber Security Awareness Month in both the United States and Canada. In preparation for Cyber Security Awareness Month, we will be looking at why and how five fairly simple tactics can help improve your personal cyber security posture against the threats faced in 2015. Cimation is highly focused on Industrial Automation and Control System (IACS) Cyber Security (ICS Cyber Security) and critical infrastructure Cyber Security. However, we recognize that people are the weakest link any Cyber Security paradigm. Educating your workforce, encouraging them to be cyber aware, and ensuring that they employ cyber secure practices in their day-to-day activities is an important part of reducing cyber risk.Read More
Flow measurement is critically important to the energy industry. The process of accurately measuring the flow of produced oil and gas products – whether they are liquid hydrocarbons or gas – is of fundamental importance to all oil and gas companies, upstream midstream, and downstream alike. After all, it is by measuring and recording product volumes and analyzing samples for quality that companies determine their selling prices and ultimately make money. No matter the market price of oil, companies cannot monetize their products without first quantifying them.
A comprehensive Measurement Program is designed to optimize a company’s investments over the life cycle of their asset rather than only when things go wrong. Many times, organizations aren’t even aware that there is an issue until an ugly problem rears its head, and often these issues could have been avoided through regular system calibration and maintenance checks. A Life Cycle Measurement Programs is also designed to maintain existing infrastructure over the entire life cycle of the asset, reducing unexpected and costly system issues, decreasing the risk for unscheduled downtime, and ensuring accurate measurement to protect revenue and guard against accidental losses.Read More
Houston, TX – [For Immediate Release]
Cimation has been selected by Shell as a key provider of industrial cybersecurity consulting, network engineering, endpoint remediation, and system hardening for the Shell Process Control Domain (PCD) IT Security Program, a global program to standardize cybersecurity technology and processes across the company’s global assets.
Cimation, an operations consulting company focused on industrial control system (ICS) security, will assist in the planning, deployment, and commissioning of the multi-year program in collaboration with other Shell suppliers. Currently, Cimation’s industrial control system cybersecurity experts hold key delivery and technical roles on the Shell PCD IT Security Program team.Read More