The Client

Indorama Eleme Petrochemical Limited (IEPL), located in Port Harcourt, Rivers State, Nigeria, a Group Company of Indorama Corporation, is a Poly-Olefins producer of a range of Polyethylene and Polypropylene products. IEPL was a 100% subsidiary of Nigerian Government owned Nigerian National Petroleum Corporation (NNPC) with the name Eleme Petrochemicals Company Limited (EPCL).  The Complex has state of art Olefins plant, Polyethylene / Butene and Polypropylene Plants. The operations are well supported by a Captive Power Plant, Utilities, Effluent Treatment Plant, Storage Tanks, Bagging, Warehouses and other supporting facilities.

Background and Key Challenges

Indorama’s facilities in Nigeria across the plant and substation utilized complex infrastructure comprising of Industrial Control System (ICS) and Operational Technology (OT) Systems that gave rise to significant cybersecurity challenges. With the expanding threat landscape, the organization also struggled in maintaining a secure OT environment.  Incomplete asset inventories, the absence of real-time threat visibility, and limited cybersecurity measures posed serious risks to critical manufacturing systems as well as operational continuity.  Furthermore, there were concerns over third-party vendors who frequently accessed the ICS network for support and maintenance, in the absence of 24X7 threat detection and response service.

Goals

• Enhance cybersecurity across OT systems at the facilities including a cybersecurity protection strategy for critical and volatile production processes.
• Achieve real-time threat visibility across its ICS systems, the OT network, and networked assets.
• Establish a process for conducting daily asset inventories across the facilities.
• Improve network monitoring and enhance incident response capabilities.

The Solution: Inspira Enterprise Approach

To address the cybersecurity challenges, Indorama Ventures partnered with Inspira Enterprise, a global cybersecurity risk management service provider with rich experience in implementing large cybersecurity deployment programs and expertise in delivering modern AI/ML-based SOC. 

Inspira’s team reviewed Indorama’s Control System Architectures & Networks. Accordingly, a solution was proposed for the effective monitoring of networks & OT Assets. 

The solution comprised of:

1. Nozomi Guardian Sensors and CMC (Central Monitoring Console) to monitor the individual plant proprietary control networks.
2. IBM’s QRadar to monitor the system logs of all the servers and workstations.
3. Firewalls to segment each plant and have provision for Natted IP’s.

Real-Time Visibility and Threat Intelligence: The team deployed Nozomi Central Management Console which aggregated information from the sites and assets and delivered visibility of the OT networks, after a gathering and learning period. Guardian Sensors provided real-time OT visibility and monitoring. The deployment ensures proactive monitoring and timely detection of threats.

Vulnerability Assessments & Security Information and Event Management (SIEM): IBM QRadar SIEM was integrated into the solutions enabling the collection and analysis of security events and logs from all the systems and devices.  This provided a single-pane view of cybersecurity incident response, thereby enabling timely threat detection, correlation of events, and rapid response.

Impact of the Solution – Benefits

• 360-degree Threat Visibility: Real-time Operations Visibility and Enhanced Cybersecurity were established. Indorama gained real-time visibility into its ICS environment, which enabled proactive monitoring and quick response to all potential threats.
• Better Asset Management: The comprehensive automated daily asset inventory provided detailed information about the devices and the organization had complete control over its OT infrastructure. Asset Management practices were significantly improved and all regulatory requirements were met, thereby enhancing the cybersecurity posture.
• Enhanced OT Cybersecurity: All security measures, including daily asset inventories, SIEM, VAPT, and network monitoring, protected the critical infrastructure, improved incident response capabilities, minimized the risks, and improved the OT cybersecurity.

Ravi Sailesh, Head Instrumentation and Controls, Projects at Indorama Petrochemicals Ltd said, “The engagement with the Inspira Enterprise team has indeed been rewarding for us.  The team has been successful in implementing and deploying the on-premise cyber resilience solution which has helped us in getting real-time alerts and updates. The OT cybersecurity solution has helped us to gain greater visibility of assets across the plant while ensuring continuous real-time vulnerability assessment. Visibility not only included the identification of connected devices on the plant floor but also the detection of OT protocols, and communication patterns in a completely passive and non-intrusive way. The intrusion detection system was integrated with the On-Prem SIEM solution so that OT alerts could be monitored on a unified dashboard for remediation.”