Held at the company’s headquarters in Dhahran, the Cyber Security Protection and Response Workshop was opened by Khalid A. Al-Falih, president and CEO, Saudi Aramco, who in his keynote remarks said: “Saudi Aramco has a risk management system in place, and we identified IT as high risk based on its essential functions, and due to the potential impact of an IT related incident. We have therefore continually fortified our IT with rigorous protection technologies.
"However, we always realized that no matter what protections we had in place, we cannot be 100 percent sure that our information systems will not be breached. So we developed incident response plans to deal with different kinds of scenarios and contingencies.
"Thus, when the virus hit on August 15, we had in place the processes and systems to manage, as well as sufficient incident response and business continuity plans to deal with the ramifications. Built-in system architecture and protections for the primary components of our computer network, including firewalls and segmentation, meant that all our core operations continued smoothly.”
Al-Falih continued to say: “Not a single drop of oil was lost. No critical service or business transaction was directly impacted by the virus.”
Addressing the attendees from the Kingdom’s government agencies and major corporations, Al-Falih said, “We are offering this workshop so that we will have the full benefit of fresh insight into Saudi Aramco’s experience with this incident. What happened to us can happen to anyone. Working together we can increase our collective defense.”
Along with Al-Falih, Saudi Aramco’s IT managers and specialists were on hand at the workshop to share industry best practices and their experiences, emphasizing the importance of information protection and security as well as the ongoing dangers and lurking threats in cyber space.
Ahmed Al-Shaikh, manager of information protection and technology planning, Saudi Aramco, described the company’s efforts to contain the virus and minimize damage. The presence of multiple response systems and contingency plans to swiftly counter further cyber threats was critical for business continuity, he added.
It was also emphasized that as part of its incident response, the company quickly informed its stakeholders, employees, partners, customers and the public about the incident and provided regular updates in a timely manner.
Saudi Aramco also invited representatives of major IT and IT protection companies such as Microsoft and MacAfee to benefit from their experiences and recommendations. During the workshop, Company experts also discussed its corrective measures and mid- to long-term remediation actions. The workshop ended with an open discussion where the inquiries of the attendees were addressed by the participating experts.