A Game-Changing Cybersecurity Transformation at NOV

National Oilwell Varco (NOV), under the visionary leadership of CIO Alex Philips, is redefining cybersecurity with a groundbreaking Zero Trust architecture. This paradigm shift is not just about buzzwords; it's leading to a staggering 35-fold reduction in security incidents and major cost savings by ditching outdated hardware.

Inside the Strategy: How NOV Achieved Dramatic Results

In a deep dive with VentureBeat, Philips detailed how NOV harnessed Zscaler’s Zero Trust platform alongside innovative identity protections and AI-driven enhancements. He highlighted how these strategies transformed their security operations, managing to eliminate the need for constant PC reimaging due to malware.

Cyber Threat Landscape: Understanding the Challenge

Philips is acutely aware of the global cyber threat environment, where a shocking 79% of attacks use tactics other than malware to breach defenses. With adversaries often able to infiltrate systems in less than a minute, a robust cybersecurity framework is more essential than ever.

Zero Trust: The Backbone of NOV’s Security

Philips shared how transitioning from a traditional security perimeter to a Zero Trust model vastly improved NOV's defenses. By building a security-first identity-driven architecture, they enhanced visibility and protection while slashing the number of malware incidents from thousands to just a fraction.

Innovative Networking Solutions: Cutting Costs and Increasing Speed

The rearchitecture of NOV's network leveraged internet-based connectivity, leading to a staggering increase in speed by up to 20 times and annual savings exceeding $6.5 million. This strategic decision empowered 27,500 users and third parties to access internal applications without exposing them directly to the internet.

Tackling Malware-Free Attacks: A Focus on Identity Security

Philips emphasized that attackers increasingly prefer stealing credentials to bypass defenses rather than deploying malware. With about a third of cloud breaches involving valid credentials, NOV has fortified its identity management systems, integrating Zscaler with Okta to create robust conditional access policies.

The Importance of Session Management in Cyber Defense

Philips revealed crucial insights into effective session management, noting that simply disabling a compromised account isn’t enough. Their initiative to revoke session tokens immediately helps prevent lateral movement within the network.

AI: A New Ally in Cybersecurity

Recognizing the limitations of their relatively small security team, NOV turned to AI to bolster their operations. Partnering with SentinelOne, they introduced AI co-workers to automate log analysis and significantly accelerate incident response times.

Engaging Leadership: Cybersecurity as a Core Business Focus

Philips ensures that NOV’s board is well-informed about cybersecurity risks, turning what was once viewed as a purely technical issue into a fundamental business concern. Regular updates and tabletop exercises cultivate an organizational culture that prioritizes cybersecurity.

Key Takeaways for Other IT Leaders

Philips advises CIOs and CISOs to recognize the intertwined nature of security transformation and digital advancement. Emphasizing collaboration and proactive management of risk, he encourages leaders to leverage AI carefully to bolster defenses without compromising sensitive data.

A Future-Proof Strategy Against Evolving Threats

As cyber threats continue to evolve, NOV's commitment to Zero Trust, strong identity security, and innovative AI applications positions them for success. With these advances, they are not just responding to threats—they are actively shaping a resilient cybersecurity future.