diff --git a/openapi2kong/openapi2kong.go b/openapi2kong/openapi2kong.go
index 031bebe..a2a75ef 100644
--- a/openapi2kong/openapi2kong.go
+++ b/openapi2kong/openapi2kong.go
@@ -256,6 +256,10 @@ func getOIDCdefaults(
 schemes := doc.Components.SecuritySchemes
 scheme, _ = schemes.Get(schemeName)
+ if scheme == nil {
+ return nil, fmt.Errorf("security scheme not found in components: '%s'", schemeName)
+ }
+
 if scheme.Type != "openIdConnect" {
 // non-OIDC security directives are not supported
 if !ignoreSecurityErrors {
diff --git a/openapi2kong/openapi2kong_test.go b/openapi2kong/openapi2kong_test.go
index 98d4e52..6b17f4d 100644
--- a/openapi2kong/openapi2kong_test.go
+++ b/openapi2kong/openapi2kong_test.go
@@ -167,3 +167,37 @@ paths:
 assert.Contains(t, err.Error(), "path-parameter name exceeds 32 characters")
 }
 }
+
+func Test_Openapi2kong_missingSecurityScheme(t *testing.T) {
+ testDataString := `
+openapi: 3.0.3
+info:
+ title: Missing security scheme test
+ version: v1
+servers:
+ - url: "https://example.com"
+
+paths:
+ /foobar:
+ get:
+ operationId: opsid
+ responses:
+ "200":
+ description: OK
+ security:
+ - missingScheme: []
+
+components:
+ securitySchemes:
+ defaultApiKey:
+ type: apiKey
+ name: api-key
+ in: header
+`
+ _, err := Convert([]byte(testDataString), O2kOptions{OIDC: true})
+ if err == nil {
+ t.Error("Expected error, but got none")
+ } else {
+ assert.Contains(t, err.Error(), "security scheme not found in components")
+ }
+}
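Review bot: The added `scheme == nil` check in getOIDCdefaults covers a name that is missing from the scheme map, but the context line `schemes := doc.Components.SecuritySchemes` above it still dereferences `doc.Components` without a guard. If that field can be nil for a spec that has a `security` entry but no `components` section, the same kind of malformed input would still panic instead of returning this error. The function starts outside the hunk, so an earlier guard may already exist and this should be confirmed. Separately, `schemeName` comes from the input document, so `%q` instead of `'%s'` would keep control characters in a crafted name out of logs: `return nil, fmt.Errorf("security scheme not found in components: %q", schemeName)`.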
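Review bot: Test_Openapi2kong_missingSecurityScheme pins only the `O2kOptions{OIDC: true}` path with a `components.securitySchemes` map present, so it does not show what happens to a dangling scheme reference when security errors are being ignored. In openapi2kong.go the new nil check sits before the `if !ignoreSecurityErrors {` branch, so the error appears to be returned in that mode as well. That is the fail-closed outcome worth keeping, since otherwise the route would be generated without the auth plugin the spec asked for. A second case that enables the ignore option and still expects `security scheme not found in components` would stop a later refactor from relaxing this unnoticed.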