Report Highlights Industry’s Leadership in Protecting Infrastructure from Cyberattacks
Jessica Lutz
Posted October 31, 2018
A new report illustrates just how prepared natural gas and oil companies are when it comes to defending themselves and American energy consumers against malicious cyber threats – a fundamental component of the industry’s resiliency and something we’ve demonstrated time and again.
The report provides insight for policymakers into the comprehensive cybersecurity programs of the natural gas and oil industry. It was released by API and the broader memberships of the Natural Gas Council (NGC) and Oil and Natural Gas Subsector Coordinating Council (ONG SCC) – the official body representing the operators of natural gas and oil infrastructure to the federal agencies involved in industry-related security. From the report:
The reliance upon proven risk management-based frameworks and public-private collaboration, rather than prescriptive regulation, is the most effective and robust method of bolstering the cybersecurity of the natural gas and oil industry and the critical infrastructure they operate. With the increasing sophistication and adaptiveness of cyber adversaries, it is essential that industry be afforded the necessary flexibility and agility to respond to a constantly-changing threat landscape, and that government and industry continue to partner to share cyber threat intelligence and strengthen cyber defenses.
Cyber threats are not new or unique to pipelines; they are present across the energy system, including at coal and nuclear plants. As the report points out, cybersecurity is a top priority for pipelines and the larger natural gas and oil industry. Companies recognize that their assets are targets for cyber attackers and acknowledge that cyberattacks can present enterprise-level risks – risks that could compromise the viability of a company.
This is why natural gas and oil companies have developed comprehensive, multi-dimensional approaches to cybersecurity based on leading frameworks and best-in-class standards, with oversight from Boards of Directors and high-level executives, and why industry works with the government agencies responsible for cybersecurity throughout every segment of the value chain.
In conjunction with the report, API launched a video highlighting the American natural gas and oil industry’s investment in people and cybersecurity technology to keep America’s energy infrastructure safe and operating reliably. Take a look:
We talk a lot about natural gas – and making sure America’s natural gas infrastructure is safe and secure – and there are good reasons for that: This clean and abundant fuel is now the nation’s leading source of electricity generation, powering nearly one in three U.S. homes and helping to bring carbon emissions to 25-year lows. In addition to our industry’s defense-in-depth cybersecurity programs, the very ubiquity that’s made natural gas so dependable and affordable is also a security asset. The production, distribution and storage components of the natural gas system are geographically diverse and flexible, creating resiliency that is further reinforced by multiple fail-safes, redundancies and backups.
Let’s close with some of what is being said about this latest report and the resiliency of natural gas and oil infrastructure:
API President and CEO Mike Sommers:
“Cybersecurity is a top priority for the natural gas and oil industry. As the owners and operators of critical energy infrastructure, our companies are providing the leadership, proactive solutions and ongoing coordination with federal agencies to help prevent future cyberattacks. Natural gas and oil pipeline systems are purpose-built to be highly resilient and our members are leaders in cybersecurity, sharing cyber threat indicators and intelligence with each other and with the U.S. government through the Oil and Natural Gas Information Sharing and Analysis Center.”
INGAA President and CEO Don Santa:
“This report makes clear that assertions regarding the inadequacy of natural gas pipeline cybersecurity are not grounded in reality. The natural gas industry makes extensive investments in cybersecurity and works directly with the federal government agencies immersed in these issues. These efforts demonstrate that the current framework facilitates the safe, secure and efficient operation of the natural gas pipeline system.”
Statement from the Natural Gas Council:
“Safety is the top priority for the associations that make up the Council and the companies they represent. Individually and through numerous levels of industry collaboration and the sharing of best practices, the industry has developed comprehensive approaches to cybersecurity to keep America’s energy infrastructure safe and operating reliably. This report provides insight for policymakers into the comprehensive cybersecurity programs of the natural gas and oil industry.”
About The Author
Jessica Lutz is a writer for the American Petroleum Institute. Jessica joined API after 10+ years leading the in-house marketing and communications for non-profits and trade associations. A Michigan native, Jessica graduated from The University of Michigan with degrees in Communications and Political Science. She resides in London, and spends most of her free time trying to keep up with her energetic Giant Schnauzer, Jackson.