New tool to protect US oil and gas sector from cyber attacks

A new public-private partnership to strengthen protection of the oil and gas infrastructure from cyber attacks has been announced in the US. Led by the Energy Department in collaboration with […]

Register now!

By Priyanka Shrestha

A new public-private partnership to strengthen protection of the oil and gas infrastructure from cyber attacks has been announced in the US.

Led by the Energy Department in collaboration with industry experts, the Department of Homeland Security and other stakeholders, the initiative will create a tool that allows owners and operators to assess and prioritise their actions and investments to improve cyber security.

The Energy Department will host a series of meetings over the next few months where the participants will collaborate to create a draft Oil and Natural Gas Cybersecurity Capability Maturity Model (ONG-C2M2). More than a dozen owners and operators are expected to take part in a pilot programme that will assess the model’s effectiveness following which it will be updated and released to industry.

The news comes after the US Council on Foreign Relations said the energy sector, including oil and gas producers, was hit by more targeted malware attacks from April to September last year than any other industry.

Energy Secretary Ernest Moniz said: “As cyber threats continue to increase in frequency and sophistication, helping critical infrastructure owners and operators across the energy sector identify opportunities to strengthen their own cyber security capabilities is a top priority.

“Building on the successes in the electricity industry, this initiative for the oil and gas sector is an important step in moving us closer to achieving the Department’s vision of resilient energy delivery systems that can survive a cyber incident while sustaining critical functions.”

Last month it was claimed the energy sector in the Middle East is “more vulnerable” to cyber attacks than the rest of the world. Earlier this year a British security firm also claimed that power companies are increasingly at risk from cyber-attacks because their computer security is stuck in the last century.