AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

The impending cybersecurity revolution in the oil and gas industry

Rising governance expectations, heightened regulatory requirements, and the emergence of new trends outline a complex future for cybersecurity in the energy industry

This pill is also available in Italian language

In recent years, the oil and gas industry in the United States has witnessed a growing need for cybersecurity measures due to the ever-increasing cyber risks. This need has become even more pressing with the new information security directives issued by the Transportation Safety Administration (TSA) in 2021 and 2022. These directives, together with the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) and the proposed regulation of the Securities and Exchange Commission (SEC), have introduced new vulnerability assessment and reporting requirements for companies in the sector. The Biden administration's recently released National Cyber Security Strategy also placed emphasis on increasing government regulation and private sector accountability.

The impact of increased government and regulatory oversight

The National Cyber Security Strategy emphasizes the importance of establishing information security requirements for critical infrastructures. The strategy emphasizes the federal government's role in establishing these requirements, while also encouraging states and independent regulators to use their authorities to do so. The expectation is that this will lead to increased government oversight and regulation of cybersecurity in the oil and gas sector. An example of these potential government actions is the recent Government Accountability Office (GAO) report on the cybersecurity of offshore oil and gas facilities. Additionally, recent actions taken in New York state may indicate how other states may seek to lead cybersecurity practices in the industry.

The importance of effective IT security management

Effective cybersecurity management requires strong collaboration between different stakeholders, including technical teams, security teams, legal, communications, and others. The planned revision of the NIST Information Security Framework will introduce a new "Govern" function, highlighting the importance of effective governance. The proposed SEC rule regarding information security disclosures by registrants also highlights the importance of governance. This approach confirms the growing expectations for companies' governance of cyber risk. Oil and gas companies should expect governance to become a key feature of their cybersecurity programs in the future, if it hasn't already.

Prepare for a future of rising cybersecurity expectations

Cybersecurity expectations for US oil and gas companies have increased in recent years and are expected to continue to do so. Companies should engage with policymakers to ensure future policies effectively advance industry cybersecurity. Oil and gas companies should also prepare for three key trends: advance reporting or disclosure of cyber incidents, increased government oversight or regulation of cyber security practices, and rising expectations for cyber security governance. While the details of future cybersecurity expectations for the industry remain to be seen, understanding and responding to these three trends will enable oil and gas companies to manage the legal, financial and reputational risks associated with the many cyber threats they face.

Follow us on Facebook for more pills like this

06/16/2023 03:35

Marco Verro

Complementary pills

SEC: reactions to new cyber incident disclosure rulesChallenges and opportunities: expert comments on the new SEC guidelines

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon