For the first time, 18 global organisations from the oil and gas ecosystem are championing a unified approach to mitigating growing cyber risks and pledging to promote cyber resilience. The companies which have taken the pledge are: Aker ASA, Aker BP, Aramco, Check Point Software Technologies, Claroty, Cognite, Dragos, Ecopetrol, Eni, EnQuest, Galp, Global Resilience Federation, Maire Tecnimont, Occidental Petroleum, OT-ISAC, Petronas, Repsol and Suncor.
This agreement came during The World Economic Forum Annual meeting in Davos.
In response, DNV has provided the following comment:
Trond Solberg, Managing Director, Cyber Security, DNV, said: “Cyber-attacks on industrial sectors are becoming more common, complex, and creative as critical infrastructure becomes increasingly networked and connected. Energy companies have been tackling IT security for several decades. However, securing operational technology (OT) – the computing and communications systems used to manage, monitor and control industrial operations – is a more recent and increasingly urgent challenge.
“As OT becomes more networked and connected to IT systems, attackers can more easily access control systems operating critical infrastructure. Life, property and the environment are at stake. It is now possible for attackers to disrupt energy supply in a power grid, shut down a wind farm, and ultimately disable the safety systems in pipelines, refineries or oil and gas platforms.
“DNV’s latest research on the state of cybersecurity in the energy industry reveals that the sector is waking up to the rapidly emerging cyber threat. But defensive action is lagging.
“The challenge with managing new industrial cyber security risks is that there is not enough best practice available to guide operators, manufacturers and regulatory authorities in building an effective force of defense against emerging threats – particularly for older industrial infrastructure that doesn’t have cybersecurity built into it by design.
“There has never been a more important time for the energy industry to come together to share knowledge, create best practice and develop new standards in the fight against cybercrime. We are already seeing industry players come together to develop technical best practice, such as the IEC 62443 standards for cybersecurity in automation and control systems, and DNV’s Recommended Practice for its application in the oil and gas industry. The World Economic Forum’s cyber resilience pledge demonstrates the energy industry’s recognition for the need to go further in taking collective action.”
Read the article online at: https://www.worldpipelines.com/business-news/30052022/dnv-discusses-cyber-resilience/