Volume 23 Number 5


Editorial Editorial - Computer security in the cloud

Those dashing headlong to the cloud get a reality check as Google reveals, months after the fact, a breach in its Google + social network. Oil IT Journal Editor Neil McNaughton quizzes Google about the breach and contrasts the ‘cloud is secure’ approach with the plethora of bespoke oil and gas cyber security solutions we report on in this issue’s Cyber Security Round-Up.

At the EAGE earlier this year, geophysicists were bombarded with the notion that the cloud is where the smart folks are going. We were left with the impression that the move to the cloud is the very first, essential, step in the journey to digital nirvana-cum-transformation. Concerns about security in the cloud were brushed aside. Schlumberger’s Ashok Belani stated that “it is [Google, Amazon…] their profession to do this. Data is safer in the cloud than inside an IoC, let alone smaller companies. Google’s Gmail is one of safest platforms around.”

Of course, what Belani and nobody else knew was that some months earlier, Google had indeed been hacked but had decided not to tell anyone about it! OK, it was Google +, the company’s flagging attempt at a social network that was breached, but users of the ‘safest platform’ Gmail were also invited to use the ‘Security Check-up’ to see what other apps are linked to their account and revise their security parameters accordingly. The Guardian’s report on the incident has it that 438 different third-party applications may have had access to private information due to the bug. Google apparently has ‘no way of knowing’ whether they did because it only maintains logs of API use for two weeks. Ouch! That does not sound like a cyber security best practice to me. It doesn’t even sound like Google’s regular data retention which has been described as a ‘backup of the internet’ I guess there is one policy for stuff that Google plans to make money with, another for regulatory-sensitive data!

Even nearer to the geophysical bone, as we reported is the fact that Schlumberger’s Delfi uses Google’s Apigee API management platform to provide ‘openness and extensibility’ allowing clients and partners to add their intellectual property and workflows into Delfi. We asked Google if the flaw was in Apigee itself. We were assured not and pointed to the official release. This merits a good read through. It lets you know just what you are signing up for when you ‘accept’ the default T&Cs – chez Google and indeed with a labyrinthine network of unseen third parties.

Speaking at the 2018 CERA Week, Rice University’s Charles McConnell opined, re cyber security, that ‘No one has really got a great pathway or program, with everyone hunting in the dark. Everyone is searching for comfort, hoping that they are doing the right thing, with the right technologies and with support of the right companies and partners. Regulations do not exist and need to exist, and the leadership needs to be in place’. McConnell called for an ‘ISO-like’ cyber security standard for high performance industries. Well, good luck with that! McConnell also gave a gentle push to steer oil companies away from their traditional posture of ‘keeping data within their gates’ which ‘limits the usefulness of the digital ecosystem’. Maybe it does. These are oil companies after all.

Currently the world seems to be in denial about cloud insecurity. You may buy into the idea that the cloud providers are better than you are at cybersecurity. But on the other hand, there are billions of users of cloud data centers and even more anonymous IoT endpoints ready to be exploited. I guess it is easier for a CIO to buy into the ‘cloud is secure’ notion. The alternative is to work your way through the multiple cyber security offerings as exemplified in the latest Cyber Security Round-Up in this issue. BTW, Oil IT Journal has been tracking cyber security in oil and gas for over 20 years. From ‘deperimiterization’ to ‘re-perimeterization’ and now, well, what is the cloud? A cyber fortress or the next Maginot Line?

@neilmcn

Headlines

US Geological Survey moots National Data Repository

Energy Resources Program report highlights lack of ‘single source of consistent, national-scale geologic data’.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

The Digital Twin in Oil & Gas, an investigation

Oil IT Journal looks behind the hype at ‘twins’ from ABB, BHGE, BP, eDrilling, Halliburton, Kongsberg, Lloyds Resgister, Maplesoft and Siemens.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Text Analytics APIs, a consumer guide

Oil IT Journal takes a spin through Robert Dale’s authoritative analysis of commercial NLP programming tools.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Review - Demystifying OWL for the Enterprise, a review

Michael Uschold’s book does a good job of demystification. But claim of ‘growing take-up’ after a 15-year incubation period is questionable.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

OVS Optimization Matters Conference, OMC 2018

One Virtual Source’s user group hears from EP Energy, Parallel Petroleum, and Southwestern on deployment of the popular oil and gas production management and surveillance suite. McKinsey, Emerson and Hitachi chip-in with OVS joint offerings.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

ECIM 2018 E&P Data Management Conference, Haugesund

Introduction - Equinor’s Omnia and Digital Subsurface Laboratory. Data quality and the cloud. Agile plugs open source for upstream. New ‘Society for Petroleum Data Managers’ announced!

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Folks, facts, orgs ...

Information Coalition, ARMA, Implico, American Petroleum Institute, Atwell, Badger Meter, Brown & Root, Clean Energy Fuels, Fugro, Gravity Oilfield Services, Harris Corp., Hunting PLC, Kymeta, Milestone Environmental Services, MIT, Premier Oilfield Group, CSA Ocean Sciences, Carnegie Mellon Software Engineering Institute, Shell Silicon Ranch, Simmons & Company, Swagelok, Railroad Commission of Texas, ValTek Industries, ConocoPhillips, Neptune Energy, Indegy.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Done Deals

Akita Drilling, Xtreme Drilling, Akselos, Innogy Ventures, Shell Ventures, Altair, Simsolid, Applied-Cleveland, STS Consulting, ARMA, Information Coalition, BHGE, ADNOC Drilling, Vela Software Group, Coreworx, Drillinginfo, Oildex, EMAS Offshore, Halliburton, Barree Software, Indegy, Innovex Downhole Solutions, Buckhorn Casing Equipment, NetApp, StackPointCloud, Pacific Drilling, RS Energy Group, Petroleum Policy Intelligence.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Going, going, green

Methane, emissions control, CCS, climate, politics ... from Stanford, Bluefield, Bluesource, Office of Fossil Energy, NETL, IOGP, ISO, IFPen, Aerovia, NanoVapor, NAP, Oxy, White Energy, WellDog, Virginia Tech, Carbon GeoCycle, ExxonMobil, IEA, Integrated Informatics, Equinor, Opus 12, Texas Alliance of Energy Producers, Texas Railroad Commission.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Machine Learning and Artificial Intelligence Congress 2018, Houston

LBCG event hears from early adopters of ML/AI in oil and gas.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Sales, deployments, partnerships ...

National Oceanic and Atmospheric Administration, Google, Seeq, TechnipFMC, Sirius, Accenture, SAP, Aker Solutions, Equinor, Turbulent Flux, AspenTech, Advantech B+B, CUI Global, Samson, Drillinginfo, Landdox, Dassault Systèmes, Fluor, IBM Watson, Emerson, Fiber Optic Sensing Association, Weisz Bolivia, Maverick NextGen Energies, PwC, Perigon, Seequent, SAP, Accenture, Capgemini, Deloitte, Shell, Microsoft, C3 IoT, Texas Advanced Computer Center, iRODS Consortium, Teradata, Sasol, Saudi Aramco, Total, Google, Woodside, ENN Group, Aker BP, BHGE, ADNOC, Pemex, Rock Flow Dynamics.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Standards stuff ...

ECCMA, Authoritative Legal Entity, Association of National Numbering Agencies, Global Legal Entity Identifier Foundation, Energistics, EPIM, World Wide Web Consortium, FIDO Alliance, IFRS, XBRL, INSPIRE Geoportal, Sustainability Accounting Standards Board, Global Reporting Initiative, International File Exchange, PIDX, SAP Ariba.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Cyber security round-up

Studies, standards, warnings and entreaties from Carbon Black, ASUG, Darktrace, NIST, ISO/IEC, Honeywell, CERT, Rockwell, Marlink, DNV GL, EU, IBM Watson.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Software, hardware short takes ...

ABB Ability, HPE, Amphora, Dell EMC, eLynx Technologies, Dynamic Graphics, Exprodat, GeoLogic Systems, Getech, Honeywell, HydroZonix, INT, Larson, eDrilling, OSGeoLive, Quorum Software, Recon Technology, Rextag, TIBCO Software.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

Neo4J extends graph database with NLP and AI functionality

User Caterpillar reports 27 million parsed and tagged phrases in document repository.

Click here if you would like to receive a complimentary copy. This offer is discretionary and limited to one article per month for non-subscribers to Oil IT Journal.

© 1996-2018 The Data Room SARL All rights reserved. Web user only - no LAN/WAN Intranet use allowed. Contact.