How the industry is balancing the risks and benefits of digitization in search of efficiency, safety and sustainability.

The oil and gas industry has always strived to innovate and embrace new technologies which improve safety and efficiency. A recent study by VDC Research indicates that nearly two-thirds of industrial organizations anticipate reaching the “fully digital” stage—characterized by proactive and continuous enhancement of digital capabilities—within the next two years.  

However, despite undoubtable improvements to operational efficiency, digitalization also has the unfortunate side effect of opening up threat vectors and risking the safety of the plant itself. Simply put, it’s not possible to improve connectivity without opening up greater potential for cyberthreats. 

Kaspersky recently conducted an internal research and a series of interviews with leading professionals from the oil and gas industry to identify the key digital trends shaping the sector’s future. These discussions shed light on critical needs and innovative strategies that are transforming the way the industry operates in an increasingly digital environment. 

Ranging from IT/OT convergence to robotization and 5G, these core trends underscore the dynamic landscape that is driving growth, resilience, and innovation within the oil and gas sector today: 

1. IIoT and cloud computing

The Industrial Internet of Things (IIoT) is revolutionizing oil and gas operations by enabling real-time remote monitoring of drills, pipelines, and environmental conditions. These sensors help improve safety, predict failures, and optimize performance through data-driven insights. Cloud computing complements these capabilities by offering scalable analytics for refinery monitoring, logistics, and demand forecasting. Nevertheless, the reliance on cloud platforms increases vulnerability to cyberattacks. As Moody’s predicts, approximately 14% of the industry will utilize public cloud services, which significantly expands the attack surface. Cyber adversaries can exploit vulnerabilities in cloud infrastructure, leading to potential data breaches, operational disruptions, or even physical damage.

2. AI, ML and hyper-automation 

Artificial Intelligence (AI) and Machine Learning (ML) underpin hyper-automation initiatives that optimize maintenance, energy consumption, and operational workflows. These technologies enable predictive analytics, reducing downtime and improving cost efficiency. However, the increasing dependence on AI-driven systems makes the industry susceptible to sophisticated cyber threats such as data poisoning, model manipulation, or malware targeting autonomous decision-making processes. If malicious actors compromise AI models, the consequences could range from incorrect maintenance schedules to catastrophic operational failures.

3. IT-OT convergence

The integration of Information Technology (IT) and Operational Technology (OT) systems facilitates remote operation, data sharing, and improved decision-making. While this convergence enhances efficiency, it also creates critical security gaps. Legacy OT systems often lack modern security features and were not designed for external connectivity, making them prime targets for cyberattacks. The interconnected nature of these systems means that a breach in one area can cascade across the entire operational network, risking safety and production continuity. The risk is compounded by the tendency to rely on unsecured or outdated infrastructure.

4. Robotization and 5G 

The deployment of AI-enabled robots, drones, and unmanned underwater vehicles supports inspection, diagnostics, and exploration in hazardous environments. The advent of 5G connectivity enhances real-time data transmission, enabling rapid decision-making. Yet, these autonomous tools are vulnerable to malware and hacking, which could lead to equipment sabotage or manipulation of critical operations. As robots increasingly replace human inspections, the industry faces the dilemma of maintaining operational resilience against cyber threats targeting these remotely controlled assets.

5. Digital twins 

Digital twins—virtual replicas of physical assets—allow engineers to simulate scenarios, optimize processes, and troubleshoot issues without disrupting live operations. While invaluable for efficiency and safety, digital twins pose significant cybersecurity risks. A compromised digital twin could be manipulated to mislead operational decisions or expose sensitive data. NIST recommends implementing zero trust architectures to mitigate such threats, but the challenge remains in securing complex, interconnected models that are attractive targets for cybercriminals.

6. AR and VR technologies

Advanced visualization technologies like Augmented Reality (AR) and Virtual Reality (VR) facilitate remote training and repair operations, enabling experts worldwide to ‘walk through’ plant facilities virtually. However, integrating these immersive environments introduces new attack vectors, particularly through unsecured remote access points. Malicious actors could manipulate AR/VR systems to cause operational errors or steal sensitive data, especially if legacy OT systems are involved. The patchwork of aging technology and outdated security measures heightens the risk of cyber intrusion.

While these technologies are helping to build a smarter, safer and more resilient future, one where data-driven insights and automation redefine what’s possible across the entire value chain, they are also creating a wealth of opportunities for cyber-attack. Every single piece of connected technology represents a potential focus area of attack, otherwise known as attack surface expansion

Such an interconnected system becomes vulnerable to cyberattacks as a connection to one computer or terminal gives access to a wider surface of infrastructure. The rewards for a successful attack are astronomical.

Hyper-connected environments introduce significant vulnerabilities, particularly through the integration of legacy infrastructure and the challenges of IT-OT convergence. Many operational sites rely on unsecured legacy systems with outdated technology that were never designed for external connectivity, making them inherently vulnerable. 

Moreover, granting external access to pipelines and refineries for employees and third-party vendors, while operationally essential, creates new entry points that must be rigorously secured to prevent a breach in one system from compromising the entire operational network. 

Compounding these technical challenges is a critical personnel deficit. The industry’s longstanding struggle to recruit and retain skilled professionals is escalating with digital transformation, creating a high demand for workers with hybrid expertise in both engineering and cybersecurity that is difficult to meet. This skills gap can hinder an organization’s ability to manage complex digital ecosystems and respond effectively to incidents.

In response to these evolving threats, stringent Critical Infrastructure Protection (CIP) regulations are being implemented globally to establish a security benchmark for the sector. These regulations commonly mandate robust risk management assessments, comprehensive security policies, incident response planning and workforce training, creating a necessary framework for securing OT systems against increasingly sophisticated attacks.

To harness the full potential of digitalization while safeguarding assets and personnel, industry stakeholders must prioritize robust security frameworks, invest in skilled cybersecurity talent, and adopt best practices for managing complex, interconnected systems.