Upstream Data Management and Cyber Security Remain Digital Focus
In the digital age, organizations need competent and formidable information technology (IT) to help optimize their two greatest assets—people and technology.
At the Microsoft Global Energy Forum 2012 held in Houston recently, industry leaders gave their perspective from the forefront of upstream energy, and security experts discussed cyber security issues. Other topics included energy sector data identity federation, real-time SCADA analysis, wireless workforce enablement, production and reserves improvement, smart grid and pipeline reliability, petrotechnical computing environments, portfolio management, and cloud computing.
Harnessing the Power of Data
Large volumes of data pose a major challenge in the modern oil and gas industry. These data, however, are the key to optimizing predictive analysis and perfectly streamlined real-time operations in the industry’s near future.
The technology must accommodate a complex corporate scope that includes manufacture and supply chain, transportation and logistics, workforce, education, access to capital, and documentation processes in order to deliver competitive cost structure and continuous service quality, said Ken Braud, senior vice president and chief information officer of Halliburton. He was one of the speakers on the forum’s opening executive panel. New technology allows for more complex field work, which brings about new data challenges, he said.
“We have leveraged information technology at Halliburton for a long time, but what is different today is we deliver real-time information to our customers and to our employees for mobile devices,” Braud said. This allows decision making at a remote location and “bringing the well to the expert.” The shift in the fundamental nature of field service is bringing about much growth and change in the industry.
With an enhanced focus on data, the quality of the data becomes a sensitive focus, said Johan Krebbers, vice president of architecture and group IT architect at Shell. And as the industry is also experiencing enormous increases in the volume of data for complex processes and on-the-fly data analysis, the data quality (or lack of quality) becomes more obvious, he said. When properly handled, a high volume of data allows for predictive analysis, and the process becomes a real-time operation, he said.
The industry can also look forward to predictive analytics, dynamic file system indexing, and super-memory processing powers, as the price of memory becomes more economical, said Clif Triplett, vice president and chief information officer of Baker Hughes.
“We need to maximize what we can right now, in these so-to-speak boom periods,” Triplett said. “We’re going to start drilling with far more knowledge of what’s about to happen, instead of what just happened.” Well service is a community task, not a one-person operation, he said. Upstream tools are becoming more complex, the landscape is getting tougher, there are more downhole electronics, and this new complexity needs to be logically recorded and interpreted in order to be beneficial, he said.
Furthermore, neglected or mishandled data is of no use to anyone. The biggest concern is the prolific growth of unstructured data or unstructured content that is of questionable value, Braud said. “Unstructured data is almost the ‘Wild Wild West,’ and we’ve got to do something to change that.” In the next 10 years, he said he foresees great advances in the implementation of downhole telemetry and “that’s going to magnify the challenges and problems—we’re talking about real-time analytics.”
Triplett said unstructured data, which currently is not well understood and is underused, nevertheless has great potential. “I think there there’s a lot of information out there to be harvested, and only now do we have the ability,” he said.
Staying Ahead of the Threat
In addition to making sense of big data, it has to be protected, and policing today’s business and industry involves IT. The technology is inseparable from data management, infrastructure, and operations security, so any potential threats to IT security have serious implications in both business operations and daily life.
As the world’s largest software company, Microsoft is the global network most probed on the Web—second only to the US Department of Defense, said Mike McDuffie, vice president of US Public Sector Services at Microsoft and a retired US Army lieutenant general. As such, the company constantly seeks to monitor, respond to, and stay ahead of the evolving cybersecurity threat environment, and makes recommendations about how to defend against, and respond to, cyber attacks. “I actually think it is so severe, it is so unique, and we are so ill prepared,” McDuffie said. “I think it can catch you off guard.”
Cyber crime can take the form of various types of sabotage, economic espionage, and military/state espionage. Michael Howard, principal cyber security architect at Microsoft, said he considers security from the perspective of threats, not infiltrations. He is responsible for secure design, secure coding, security testing, malware, defenses, and understanding attackers and their motives.
Sensitive data traffic in industrial control system data ports are often managed by supervisory control and data acquisition (SCADA). For example, the Stuxnet worm virus successfully shut down uranium production in Iran by exploiting a one-line code vulnerability, Howard said. In another example, the cyber attacks in Estonia in 2007 were so extensive and well coordinated that they significantly affected the operations of the country’s government, banks, and media.
Microsoft’s Trustworthy Computing campaign seeks to deliver secure, private, and reliable computing experiences based on sound business practices. The company’s 168-page Security Intelligence Report Volume 11, which is available for download, is intended to expose the threat of a landscape of exploits, vulnerabilities, and malware. It includes worldwide and regional threat assessments with detailed telemetry by location, and a section about risk management and protection methods.
“A lot of folks don’t think they have a problem,” said Dorian Orr, director of cyber security at Microsoft. But threats can take many forms (and not all from the outside), such as disgruntled employees and overlooked malware sitting on the servers, he said. And, from a cyber security standpoint, any clandestine activity is automatically suspicious, Orr said. “People who want to steal your Internet Protocol information don’t want to be public about it,” he added.