...Loading...
Banner Image

Categories

2Education
Education (2)
6General
General (2)
4In The News
In The News (1)
3Press Release
Press Release (2)
1Regulation
Regulation (4)
5Thought Leadership
Thought Leadership (2)

Archives

201811November3
November 2018 (3)
201808August2
August 2018 (2)
201807July1
July 2018 (1)
201805May1
May 2018 (1)
201804April1
April 2018 (1)
201803March3
March 2018 (3)
201802February1
February 2018 (1)
6https://www.securitygate.io/blog/2018/03/Cyber-Attacks-Regulation-Pipeline-Industry
Cyber Attacks and Regulation of the Pipeline Industry
Posted by: Poster Avatar Brent Gage   |    03/19/2018 08:00 AM    |    Categorized under:  Regulation

 

Cyber attacks and regulation of the pipeline industry

Hackers last week infiltrated a communications platform provided by Energy Services Group LLC, which Bloomberg reports impacted five pipeline operators. This has provided increased focus to an ongoing thrust for cybersecurity regulation of the energy industry and its subset, the pipeline industry. In February, Energy Department Secretary Rick Perry announced that $96 million in funding would be used to create an office to address cyber threats to energy. Further, congressmen and senators on both sides of the aisle have been pushing for increased regulation in the last few years, increasing in the last few months.

"These attacks are a wake-up call that addressing our aging energy infrastructure needs to be a priority …Bad actors are looking at any way to weaken the American energy sector.” - U.S. Rep. Robert Latta, R, Ohio of the House Committee on Energy and Commerce, stated in an email sent on April 5th.


"Our energy infrastructure is under attack… A year ago, I called for a comprehensive assessment of cyber attacks to our grid by Russians. We don’t need rhetoric at this point – we need action.” Sen. Maria Cantwell D, WA.

This should be a matter of concern to owners and managers of pipeline companies and their suppliers, as this is a similar path taken to the mandatory NERC CIP regulations of the power industry. Even though the NIST framework laid out by the TSA for the pipeline industry is currently voluntary, so too were the NERC standards before March 2007. When regulation does come, it is almost a certainty that the regulations will mirror or at least closely follow the current TSA NIST framework. This presents an opportunity for pipeline companies to get ahead of the curve and begin implementing a cybersecurity structure now. Not only will doing so help prevent costly cyber attacks and increase asset value, but a slow, incremental run-up to compliance is much cheaper and easier than the last minute scramble seen in the US defense industry and its suppliers with DFARS and international companies and their suppliers with GDPR.

While getting started early will save companies money in the long run, creating a cybersecurity program is still a long and costly endeavor. Thankfully, there are alternatives to simply re-creating the big, expensive cybersecurity departments of the largest companies. SecurityGate has created an automated platform that allows companies to assess, manage and remediate their cyber risk according to any compliance standard in any field, including the voluntary (for now) TSA pipeline cybersecurity NIST based framework. This platform drastically reduces the cost and time necessary to implement cybersecurity for your company. Click here for a demonstration.

 

REF

https://www.bloomberg.com/news/articles/2018-04-06/cyberattack-wake-up-call-puts-pipeline-industry-in-hot-seat

https://pgjonline.com/magazine/2017/february-2017-vol-244-no-2/features/meeting-cybersecurity-challenges-in-the-pipeline-industry

 


Author Image

Author

Brent Gage

MORE POSTS BY Brent Gage

Featured Image

Next Post

SECURITYGATE UNVEILS NEW PLATFORM