Summary

Verve partnered with one of the top 10 oil and gas companies to deliver measurable cyber security improvements in six months. Deploying the Verve Security Center provided a comprehensive platform for risk assessment, remediation, monitoring, and reporting.

In addition, the Verve Industrial Protection (VIP) services team deployed critical third-party components such as backups and application whitelisting to deliver a turnkey improvement program.

Within six months, the client became a model site for their OEM vendors and the rest of their organization.

The Challenge

Our client, a top 10 oil and gas producer, had a complex refining operation in remote locations and needed a vendor-agnostic security solution to simplify protection and monitoring over a dozen different OEM brands. This company’s corporate IT security requires measurable improvement against critical controls within six months. To complicate things, their networks were already heavily segmented with many layers of NAT-routers, subnets, etc.

After evaluating several solutions, the IT and OT teams chose Verve as their partner to deliver a step function improvement in
security maturity.

Customer Testimonial

"Verve enabled us to have the same security functionality and consistent measurement in OT as we have in our IT side."

CISO, Top 10 North American Electric & Gas Utility

The Solution

Verve brought together the Verve Security Center platform and our VIP services to provide a turnkey solution to OT/ICS security. Verve Security Center was deployed across thousands of endpoints: servers, HMI’s, embedded controllers (such as Delta V, Rockwell, Triconex, etc.), and networking gear from Cisco, Hirshman, Emerson, etc. This provided a robust vulnerability and risk assessment on each endpoint and segment. Verve reached deep through segmented networks to gather inventory and vulnerability information.

The client leveraged VIP services to enhance their internal security resources. The services team assisted with the deployment of Verve and third-party security tools such as the Dell backup solution, Carbon Black malware protection, etc. These components integrate directly into Verve Security Center to provide real-time visibility to malware and backup status.

The Impact

Within six months, this oil and gas client made significant improvements in their ICS/OT security. Verve provided a robust risk assessment including full asset visibility, vulnerability assessment, identification of dormant and unnecessary user accounts, risky software, missing patches, etc. The client began remediation immediately. The Verve Security Center provided an integrated management console that could be viewed by centralized IT staff to identify a full range of security control gaps in remediation plans across all facilities.

Related Resources

Case Study

How a leading power company reduced response time and remediation

Find out how a leading power company reduced response time and remediation efforts across different generation asset types.

Learn More
Case Study

How a top energy company rapidly improved OT cybersecurity maturity

See how a top energy company delivered measurable improvement in OT cybersecurity within a 12 month period.

Learn More
Data Sheet

Riio-2 Mapping to Verve

See how Verve aligns with OFGEM's new set of cyber security resilience guidelines (RIIO-2) for electricity and gas distribution networks.

Learn More