Company Profile:
Our customer, operates a major Gas Terminal in the UK that supplies up to 25% of the UK’s domestic gas supply. A 400km undersea gas pipeline connects into a central riser platform, which in turn connects into approximately 40 offshore gas platforms. Gas is transferred through the pipeline back to the terminal where it is processed for distribution into the national grid for domestic consumption.
The Scenario
Due to the amount of gas processed, the facility is classed as an operator of essential services. Due to the hazardous process in operation, the site also falls under the Control of Major Accident Hazard (COMAH) regulations. In 2017 the UK Government brought industrial cyber security requirements under both NIS and COMAH legal regulations.
Customer Requirements
Recognising this new challenge, and the legal requirements to comply with complex cyber security frameworks, standards and technologies, the senior leadership team needed a trusted partner to assist. In 2018, Tekgem partnered with the Gas terminal to ensure they understood their cyber risk, and manage it effectively.
Customer Journey
2018: Site Survey & Vulnerability Assessment
Tekgem carried out a full site survey to create a comprehensive device inventory & simple network diagram based upon IEC 62443 network levels and security zones. We followed on by carrying out an in depth vulnerability assessment & gap analysis with detailed report that documented recommendations & actions to fix identified vulnerabilities & weaknesses across the people, processes & technologies on site.
2018: Cyber Security Management System & Risk Assessment
The HAZOP risk assessment conducted by Tekgem aimed to identify potential cyber security risks associated with major accident hazards and the loss of essential services. By analysing various operational scenarios and their vulnerabilities, we established a comprehensive understanding of how cyber threats could impact safety and service continuity, enabling our client to implement effective mitigation strategies.
2019: Network Segregation & Manufacturing DMZ Implementation
Tekgem designed and implemented a new secure network architecture, based on industry best practices and international standards. We implemented a new manufacturing DMZ network with next generation firewalls, as well as centralised cybersecurity infrastructure including hypervisors, network attached storage & time synchronisation servers.
From this infrastructure, Tekgem then went on to implement centralised endpoint protection, patch management, security monitoring, secure remote access and backup/recovery platforms.
2020 – Present: Tekgem Loop Partnership
Our client signed up to Tekgem Loop, our cyber security managed service to retain our dedicated cyber security engineering resource on a monthly basis to carry out routine maintenance activities.
2021 – Tekgem Unity Implementation
Tekgem Unity was implemented to provide the customer with 27/7 visibility for asset & vulnerability management .
2022 – Tekgem Shield Implementation
The customer implemented Tekgem Shield for removable media protection and secure file transfer between their different security zones and network levels.
2023 – Involvement with Government Cyber Security Inspection
We worked with the site team to prepare for and take part in a governement cyber security NIS inspection. The customer received good feedback from the regulator without any legal actions.
2024 – Industrial Network Upgrade
Tekgem upgraded the customers industrial network equipment including hardened switches and routers to remove vulnerabilities, ensure they were fully supported, in warranty and compliant with their Cyber Security policies detailed within their CSMS.
Building Trust: The Power of Long-Term Partnerships in Cyber Security
Our customer’s journey with Tekgem has been a transformative experience for the Gas Terminal, as we navigated the complexities of industrial cyber security together. From our initial collaboration in 2018 to understanding their unique cyber risks and regulatory requirements, we have become a trusted partner dedicated to enhancing their security posture. Our long-term partnerships are not just about compliance; they represent a commitment to continuous improvement and resilience against evolving threats. By fostering these relationships, we ensure that our customers benefit from ongoing support, tailored strategies, and innovative solutions that adapt alongside their operational needs. We believe this collaborative approach is essential for securing critical infrastructure effectively and sustainably in an ever-changing digital landscape.
