Recent press reports indicate that a cyber-attack disabled the third-party platform used by an oil and gas pipeline company to exchange documents with customers. Effects from the attack were largely confined because no other systems were impacted, including industrial controls for critical infrastructure. The attack comes on the heels of an FBI and Department of Homeland Security alert warning of Russian attempts to target industrial control systems, as well as an indictment against Iranian nationals for attacking private, education, and government intuitions, including FERC. These incidents are raising questions about cybersecurity across the US pipeline network.
Continue Reading Attacks Targeting Oil and Gas Sector Renew Questions About Cybersecurity
Cybersecurity
Insurance Mitigates Cyber-Related Risk
In today’s interconnected society, cyber breaches are inevitable. As the saying goes, it is not a matter of if, but when, an organization will be breached. This is particularly true for businesses in the energy sector, which is one of the most frequently targeted industries for cyber attacks. From producers to pipelines and refineries, energy companies’ computer systems are increasingly at risk of becoming the target of a sophisticated and targeted cyberattack, making cyber risk mitigation paramount.
Continue Reading Insurance Mitigates Cyber-Related Risk
Agencies Emphasize Pipeline Security in Response to October Acts of Sabotage
In coordination with the TSA, PHMSA issued an advisory to remind the industry of the importance of safeguarding pipeline facilities and monitoring SCADA systems for indications of unauthorized access or interference with pipeline operations.
Continue Reading Agencies Emphasize Pipeline Security in Response to October Acts of Sabotage
Senate Committee Approves Cybersecurity Bill As Infrastructure Security Concerns Grow
The Senate Intelligence Committee recently approved the “Cybersecurity Information Sharing Act”, which would facilitate the sharing of information about cybersecurity threats or countermeasures by among private entities and with the federal government. If information is shared in accordance with certain requirements (such as the use of technical controls to protect shared information), the bill provides broad protections for entities sharing information for cybersecurity purposes, including immunity against any legal action related to the monitoring, sharing, or receipt of information done in accordance with the Act.
…
Continue Reading Senate Committee Approves Cybersecurity Bill As Infrastructure Security Concerns Grow
Issuance of Critical Infrastructure Cybersecurity Framework and Launch of DHS Cyber Community Program
The National Institute of Standards and Technology (NIST) recently released the final “Framework for Improving Critical Infrastructure Cybersecurity.” The Framework addresses procedures and processes for reducing cyber risks to critical infrastructure – which includes the transportation sector and pipeline systems. …
Continue Reading Issuance of Critical Infrastructure Cybersecurity Framework and Launch of DHS Cyber Community Program
Lawmakers Urge Mandatory Security Measures to Protect the Power Grid
In the wake of an attack last year on an electric substation in California, four U.S. Senators have written a letter to the Federal Energy Regulatory Commission and the North American Electric Reliability Corporation, urging them to adopt mandatory standards for physical security at electric power facilities. …
Continue Reading Lawmakers Urge Mandatory Security Measures to Protect the Power Grid
President Obama Issues Executive Order and Presidential Policy Directive Regarding Critical Infrastructure Security
During his State of the Union Address, President Obama unveiled an Executive Order (EO) and Presidential Policy Directive (PPD) to improve critical infrastructure cybersecurity . The EO and PPD come in the wake of two failed attempts by Congress to pass cybersecurity legislation, and are generally aimed at seeking to improve relationships across the federal…