Balancing Security and Operational Visibility
O&G (oil and gas) pipeline operators need access to real-time operational data to maintain safe and efficient operations, but connecting OT systems directly to IT environments exposes critical infrastructure to cyberattacks that could disrupt national fuel supply chains.
The gravity of these risks became starkly apparent in May 2021, when a devastating cyberattack on Colonial Pipeline sent shockwaves throughout the United States energy sector and beyond.
Since then, regulators and operators alike have recognized that energy infrastructure is not just a business asset — it’s a national lifeline. In July 2022, the TSA (Transportation Security Administration) issued SD02C (Security Directive 2021-02C), requiring pipeline operators to strengthen IT/OT segmentation, establish secure air gaps, and embed cyber defenses to ensure operational readiness, even if IT systems are compromised.
For our national O&G pipeline operator, the path to compliance with TSA's new security directive presented a multifaceted challenge that went far beyond simple regulatory checkbox-ticking. Their operational requirements were non-negotiable: they needed to continue providing real-time billing data to customers and partners, manage complex data sharing arrangements at interconnection terminals where multiple pipeline systems meet, and maintain the granular operational visibility necessary for safe pipeline management.
Simultaneously, they had to dramatically reduce threat vectors across their OT networks while ensuring full compliance with TSA's stringent security requirements.
Hardware-Enforced Security with MetaDefender Optical Diode™ (Fend)
To meet compliance requirements and reduce the attack surface, the company turned to OPSWAT’s one-way diodes to pull operational flow data from all key network nodes back to the NOC (Network Operations Center). They were able to integrate real-time operational data into the NOC while eliminating unrestricted communication between their OT and IT networks.
The customer utilized consequence-driven cyber informed engineering to establish a ‘digital twin’ strategy. With MetaDefender Optical Diode (Fend) they safely replicated their data loggers onto the enterprise network, receiving real-time data while protecting the SCADA system with physical isolation.
Securing Smarter O&G Infrastructure
For many years, one-way data diodes have been trusted for the most critical applications, including the protection of nuclear power plants. Data diodes physically block 100% of all inbound traffic, offering the same level of security as a physical air gap for remote monitoring without operational vulnerabilities.
MetaDefender Optical Diode (Fend)’s easy-to-deploy hardware brought data diode protection to gas pipelines and oil refineries at a fraction of the price of traditional solutions. By partnering with OPSWAT, our customer achieved visibility across the rest of the value chain, enabling real-time analytics, flow-rate modeling and predictive maintenance while protecting operational networks and assets.
Addressing TSA Requirements
In response to TSA Security Directive 2021-02C, pipeline operators were required to organize operational technology assets and segment IT/OT networks based on criticality, consequence, and operational necessity. This directive made one-way communication diodes an ideal solution for compliance and protection.
By implementing MetaDefender Optical Diode (Fend), the customer gained:
- Physical isolation through optical hardware that prevents all inbound communication.
- Secure, real-time data transfer from OT to IT networks without expanding the attack surface.
- Maintenance-free protection with no software patches or updates required.
- Built-in regulatory compliance aligned with the needs of critical infrastructure operators.
- Maintains operational resilience even if IT networks are compromised.
Building Resilient Energy Infrastructure for Tomorrow
The threats facing energy infrastructure are only growing — from ransomware campaigns to nation-state actors probing for vulnerabilities. In fact, according to Zscaler’s 2025 ThreatLabz report, ransomware attacks on the oil & gas sector surged 935% year-over-year (April 2024 to April 2025), as automation and interconnectivity increase the attack surface. Meanwhile, a Cybernews analysis found that over 50% of top oil & gas companies experienced at least one data breach in the past 30 days, and 94% had suffered breaches at some point to date.
MetaDefender Optical Diode™ (Fend) is part of OPSWAT's comprehensive suite of critical infrastructure security solutions designed to protect what matters most. As pipeline operators face growing regulatory scrutiny from agencies like TSA and increasingly sophisticated threat actors, cyber-physical security delivers an immutable defense layer that creates no additional attack surfaces. When America's energy infrastructure depends on your operations, OPSWAT provides the necessary protection and operational clarity that critical infrastructure demands with zero compromise on either front.
Conclusion
Ready to transform your IT/OT security posture?
Contact OPSWAT today to learn how MetaDefender Optical Diode™ (Fend) can protect your critical infrastructure while ensuring regulatory compliance and operational excellence.
