Skip to main content

Xage’s CEO on Biden’s pending national security policy

Published by , Editorial Assistant
World Pipelines,

The Biden administration is slated to unveil a new national strategy that – for the first time – calls for comprehensive cybersecurity regulation of the nation’s critical infrastructure. As we await President Biden’s forthcoming policy signature, Xage Security’s CEO, Duncan Greatwood has compiled a few thoughts on how other sectors (there are 16 slated to be under the policy) can benefit from the experience of the oil and gas industry.

“As we await President Biden's signature on the US National Cyber Security Policy, inquiring minds may be wondering how critical infrastructure operators can actually implement the anticipated contents of the policy in practice. With 16 different critical infrastructure sectors targeted under the policy, it’s important to understand that each and every sector has its own unique considerations, regulations, governing boards, etc., which will factor into the successful adoption of policy. Oil and gas requires a unique approach from water and so on. That said, there are several lessons learned from the recent TSA directive to oil and gas, when it comes to acting on cyber legislation and regulatory mandates to achieve both compliance and cyber hardening that we should consider as we think about other sectors. The Colonial Pipeline attack was a wakeup call to the oil and gas industry, and we at Xage have seen first-hand (and applaud) the accountability this sector has shown in the cybersecurity realm, to address pervasive issues in the aftermath.

Here are two takeaways for all industries:

  • Business continuity planning must include cyber hardening measures for operational technology (OT).
  • Not just that, but OT must design-in preventative cyber measures to stop threats. When we're talking about our world's scarcest resources and critical systems, it's not enough to know you got hacked.

Assisting our critical infrastructure agencies to turn directives into effective actions is a responsibility shared by the cyber industry with government and organisations across sectors. We understand these are challenging economic times, with in some cases strapped OT and IT teams, but a top-down approach as it relates to government regulation isn’t as impactful as a collaborative approach. Cybersecurity companies are equally responsible for creating tools and offerings that not only contribute to optimal – even preventative – critical infrastructure security but also support the government policies with actionable guidance.”

Read the article online at:

You might also like

CO2 systems, studies and solutions

Alessandro Terenzi, Giorgio Arcangeletti, Enrico Bonato, Elvira Aloigi, Lorenzo Maggiore, and Annalisa Di Felice, Saipem S.p.A., offer an overview of the challenges and opportunities for CO2 pipelines in the energy transition, drawing on offshore and onshore case studies.


Embed article link: (copy the HTML code below):


This article has been tagged under the following:

US pipeline news Pipeline cybersecurity news