Energy & Utilities

OT Security for a saudi energy leader

OT SIEM Project in a power plant: security and control in compliance with NCA cybersecurity regulations.

Application Security
Cybersecurity
Defence
Innovation
OT Security
SIEM

ACWA Power is a prominent operator of power generation, renewable energy, and desalinated water plants. The company focuses on delivering sustainable and affordable solutions, making a significant contribution to the global energy transition and sustainability goals in the regions where it operates.

Headquartered in Riyadh, Saudi Arabia, ACWA Power operates in over 13 countries across the Middle East, Africa, and Asia. Its diversified portfolio includes solar, wind, gas, and oil energy projects such as Noor Energy 1, Redstone Solar Thermal Power, and the NEOM Green Hydrogen Project. Additionally, ACWA Power is a global leader in water desalination, with a production capacity of 8 million cubic meters of potable water per day.

The Requirement

The ACWA Power group faces the critical challenge of ensuring compliance for its energy and potable water production facilities, vital resources in these countries. It is essential that these facilities adhere to the regulations of Saudi Arabia's National Cybersecurity Authority (NCA), among others.

The project involved implementing an OT SIEM solution based on Splunk technology and its integration with Nozomi within a power plant. Mashfrog's technical team designed the monitoring infrastructure, tackling the challenge of extracting information from the OT/ICS environment beyond the data diode, all while adhering to NCA cybersecurity regulations.

Challenges

Integration with Existing Infrastructure: Adapting Nozomi solutions to the plant's existing technological infrastructure without disrupting operations.
OT Network Segmentation: Managing a complex and segmented network within the power plant.
Full OT Asset Visibility: Detecting and monitoring all assets, including legacy devices.
Data Extraction via Data Diode: Extracting information from the OT/ICS environment under unidirectional traffic conditions, specifically through a data diode already in operation at the facilities, in compliance with NCA regulations.

Solutions

The Mashfrog expert team, after a detailed analysis of the "as-is" state and considering ACWA's needs, guided the process through:

Architecture Definition: Supporting ACWA Power's technical team in sizing, performance, storage, communications, security, hardening, configuration, and infrastructure maintenance.
Supplier Selection: Careful selection of the best suppliers, integrators, and vendors to develop projects and achieve high levels of cybersecurity.
RFP/RFQ Support: Defining requirements for requests for proposals and assisting in evaluating each offer.
Project Management: Ensuring the success of each project and compliance with cybersecurity, regulatory, and conformity requirements in both IT and industrial environments.

The expected benefits of the project represent a milestone in the growth and development of ACWA Power, as they include:

Improved visibility and control.
Timely threat detection.
Enhanced operational security.
Compliance with regulations.