Industry: Energy & Utilities
Project Overview:
Endeavour Energy undertook a strategic initiative to secure its SCADA networks through network segmentation. The goal was to isolate critical control systems from corporate IT networks and reduce the risk of cyber intrusions.
Challenges:
- SCADA systems were integrated with broader IT networks, increasing exposure to external threats.
- Legacy devices lacked built-in security, making them vulnerable to lateral movement.
- There was limited visibility into traffic flows between control zones.
Solution:
Sydco implemented a segmentation strategy based on the Purdue Model & access requirements, creating distinct zones for field devices, control systems, and enterprise applications. Next-generation firewalls and policies were deployed to enforce strict and granular communication rules. Monitoring points were established to track inter-zone traffic and detect anomalies.
Results:
- SCADA systems were isolated from non-essential network traffic, reducing the attack surface.
- Operational integrity was preserved while enhancing security posture.
- The segmentation framework supported compliance with ISO 27019 standards.
