Paper Details
Using SIEM and SOAR for Real-Time Cybersecurity Operations in Oil and Gas
Authors
Suchismita Chatterjee
Abstract
The oil and gas industry is a prime target for cyberattacks due to the critical infrastructure it controls and the high value of its data. This paper explores the evolving landscape of cyber threats facing the industry, including sophisticated attacks, ransomware, DDoS attacks, phishing, and insider threats. It delves into the challenges posed by the convergence of IT and OT systems, ICS vulnerabilities, supply chain attacks, and legacy systems.
To address these threats, the paper examines the role of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) technologies. SIEM provides real-time monitoring and analysis of security events, while SOAR automates incident response and reduces mean time to resolution (MTTR) and mean time to detection (MTTD). The paper discusses how SIEM and SOAR can be used together to enhance threat detection, response, and proactive threat hunting.
Furthermore, the paper explores the benefits and limitations of SIEM and SOAR, including cost, complexity, and skillset requirements. It provides best practices for implementing these technologies, such as establishing clear security policies, implementing a layered security approach, and regularly updating security rules and playbooks. By leveraging SIEM and SOAR, oil and gas companies can significantly improve their cybersecurity posture and protect their critical infrastructure and sensitive data.
Keywords
Cybersecurity, Oil and Gas Industry, Cyber Threats, Ransomware, DDoS Attacks, Phishing, Insider Threats, IT and OT Security, SIEM, SOAR, Security Orchestration, Automation, Response, Threat Detection, Incident Response, Cyber Risk Management, Critical Infrastructure Protection, Cybersecurity Best Practices
Citation
Using SIEM and SOAR for Real-Time Cybersecurity Operations in Oil and Gas. Suchismita Chatterjee. 2020. IJIRCT, Volume 6, Issue 2. Pages 1-11. https://www.ijirct.org/viewPaper.php?paperId=2501012