Defense In-Depth: Cybersecurity For Energy

Daniel Litwin
Apr 6, 2022
Learn more
2021 Colonial Pipeline ransom attack cyber threats cybersecurity measures cybersecurity protocols Oil and Gas Opportune LLP ransomware attacks
Share this post

Despite ongoing threats and a massive wake-up call in 2021, the oil and gas industry doesn’t appear to be ready for the increasingly dangerous cybersecurity threats present in the world. The Colonial Pipeline ransom attack in June 2021 cost the company $5 million in ransom, created supply chain shortages, and fueled price hikes while causing market uncertainty.

And with a lack of cybersecurity standards at the federal level, the oil and gas industry is vulnerable to future incidents. A recent bill hopes to address cybersecurity protection measures by requesting that the Federal Energy Regulatory Commission (FERC) create mandatory cybersecurity standards for the power, utility, and energy sectors

Even while this is taking place, the sector cannot sit idly by while waiting for federal standards to materialize. E2B: Energy to Business host Daniel J. Litwin spoke with Glenn Hartfiel, Principal, and Geoff Yut, Consultant, in Opportune LLP’s Process & Technology practice about current best practices to create and implement better cybersecurity solutions and strategies.

Yut explains, that as a baseline, it was difficult to predict what an organization doesn’t know might already be lurking in its network. He recommended that routine assessment of one’s attack surface and evaluating cyber risk exposure through third-party connections or vendors is critical.

“I think it’s important to remember that firms can’t protect what they don’t know that they have,” Yut says. “So, it’s important to regularly assess your attack surface and evaluate your exposure to cyber risk through those third-party connections or vendors.”

Hartfiel mentions there are some things companies can do on their own to mitigate their risk of a cyberattack such as implementing multifactor authentication, geo-blocking IP addresses outside of the U.S., installing malware scanners, and giving permission to select people within the organization who are trusted with access. The other big piece of advice that Hartfiel finds himself stressing to energy clients and the industry is educating people on best practices of cybersecurity.

“That is the biggest one that I stress is educate your users not to open attachments,” Hartfiel says. “They don’t know who they came from, right? That’s the weakest link in any company…to have somebody open up an email and then click on something and they have a rootkit installed or a malware virus that then can go out and attack the whole network.”

The age-old phrase “go big or go home” is why oil and gas and other energy-related industries become targets of hackers. These attacks make big headlines and can result in huge paydays. They can also create widespread panic if a grid goes down or a pipeline operation shudders. And when it comes to making the proper cybersecurity modifications and ensuring infrastructure is sound and up to date to handle such operational risks, there are no shortcuts.

“It takes at least 12 months to do upgrades and not cause any major impacts,” Hartfiel says.

The process is something that will likely need budgeting over some time. But since hackers wait for no one, the time for companies to strengthen their cybersecurity measures to make it harder for the next cyberattack is now.   

Follow us on social media for the latest updates in B2B!

Image

Latest

Robotic pallet movers
Automation in Action: Robotic Pallet Movers are Enhancing Efficiency and Transforming the Modern Warehouse
April 18, 2024

The world of logistics is undergoing a major transformation, all thanks to robotic picking and stacking tech. These robotic pallet movers automate the stacking of products, thereby enhancing efficiency and accuracy in warehouses and distribution centers. As e-commerce continues to grow, the demand for quicker and more efficient operations is pushing the adoption of […]

Read More
extended-stay hotel
Extended-Stay Hotels Must Analyze Markets & Embrace Flexible Options for Sustained Growth
April 18, 2024

The extended stay hotel market, once riding high on unprecedented growth, has recently faced a dip in occupancy rates. This downturn marks a significant shift from the robust expansion observed over the past years, driven by a surge in guests who preferred longer stays due to various economic and lifestyle factors. Despite this, the […]

Read More
live events technology
High-Quality Live Events Technology is the Secret Weapon for Unforgettable Experiences
April 18, 2024

The fusion of technology and creativity is setting new standards for audience engagement and event personalization at live events. Live events technology such as augmented and virtual reality are now at the forefront, offering immersive experiences that bridge the gap between the digital and physical worlds. AI and machine learning are also revolutionizing event […]

Read More
Power over Ethernet
Power Over Ethernet Revolutionizes Home Automation by Simplifying Installations and Enhancing Connectivity.
April 18, 2024

Homes become increasingly connected and Power over Ethernet (PoE) emerges as a transformative technology in residential automation and entertainment systems. By allowing electrical power and data signals to travel over a single Ethernet cable, PoE offers a streamlined approach to powering devices like smart speakers, security systems, and lighting, all while reducing cable clutter​. […]

Read More
Related
Software & Technology
AI is at an Investment Tipping Point. These Are the Three Main Trends Shaping AI Solutions Development.
April 17, 2024
reconductoring
Healthcare
From Old to Gold: Reconductoring Breathes New Life into Aging Grids for Renewable Integration
April 17, 2024

As our world moves towards a greener future, the challenge of updating and expanding the capacity of the aging U.S. power grid has become a pivotal concern. Recent studies suggest that reconductoring—replacing old transmission lines with new, high-capacity conductors—can double or triple capacity without new rights-of-way, offering a quicker, cost-effective path towards integrating renewable […]

Read More
Healthcare
The Palisades Nuclear Plant Demands a Clear Risk-Based Analysis for Successful Reopening
April 17, 2024

The debate around restarting mothballed nuclear power plants is gaining momentum in the U.S., illustrated by the decision to revive the long-dormant Palisades Nuclear Plant. This pioneering move, marking the first such initiative in the nation, underscores a broader conversation about energy resilience and the strategic recalibration of America’s energy assets. Experts say to […]

Read More