DNVGL.de

Information and cyber security

Protecting your critical information, IT and systems

Ihr Kontakt:

Pål Børre Kristoffersen Pål Børre Kristoffersen
Principal Consultant
Petter Myrvang Petter Myrvang
Head of Section Information Risk Management
Empfehlen Sie uns weiter:
Drucken:
Information and cyber security

In the Norwegian energy and oil and gas sector alone, more than 50 cyber security incidents are detected the last year.* 

The critical network segments in oil and gas production sites used to be kept isolated, but the trend towards remote operations, remote maintenance and tighter inter-operability (with centralised process data and plant information systems) means that is no longer practical. 

New integrated and networked solutions provide an ever-larger target for cyber threats. Dealing with information and cyber-security challenges has become a key focus area in oil and gas operations. 

DNV GL can help you protect critical information, IT and systems in oil and gas assets and operations – onshore and offshore. Our independent risk-based approach is founded on wide industry expertise and experiences in cyber-security, industrial networks and control systems. We use best practices, relevant standards and proven techniques /supporting tools, such as:

  • ISO 27000 (information security) and ISO 31000 (risk management) series
  • NOG 104 guidelines family, NIST 800, ISA 99 and ISA/IEC 62443 for industrial IT and automation
  • EasyRisk Manager database tool for risk registry, assessments and follow-up.

What you get:

  • Initial and comprehensive ‘health checks'
  • Risk identification, assessments, mitigations and follow-up, including risk and vulnerability assessments
  • Specification, management and follow-up of company requirements and standards
  • Robust, reliable and secure simulations and testing of systems and networks
  • Tailor-made studies and analyses of networks and systems
  • Better protection of critical information, it and systems
  • Systematic identification, mitigation and follow-up of information and cyber-security risks
  • Regulatory compliance
  • Improved operations regularity and business continuity
  • Brand protection.


*Source: Norwegian National Security Authority