WASHINGTON, Feb. 22, 2017 - Energy executives are being urged to take “immediate action” to protect their facilities and operations from cyberattack.
“Given the increasing number of cyberattacks on oil and gas facilities, the importance of these facilities to the economy and national security, and the fact that there are effective cybersecurity standards for the energy industry available today, the time to act is now, not years in the future,” said Patrick Gouhin, executive director and CEO of the International Society of Automation (ISA).
Gouhin spoke during a panel session at a Bloomberg LIVE conference last week in Houston on the future of cybersecurity.
The session focused on the need for solutions that can prevent a cyberattack from occurring and mitigate the damage if one does occur.
The panelists also examined the future of cybersecurity strategies and defenses in the oil and gas industry given the absence of mandated standards and regulations.
The United States does not require implementation of industrial cybersecurity standards and best practices. Gouhin said, however, the government has developed a voluntary plan to follow.
The plan, known as the US Cybersecurity Framework, serves as a “how-to” guide for American industry and operators and owners of critical infrastructure to strengthen their cyber defenses.
Like what you see here? Agri-Pulse subscribers get our Daily Harvest email and Daybreak audio Monday through Friday mornings, a 16-page newsletter on Wednesdays, and access to premium content on our ag and rural policy website. Sign up for your four-week free trial Agri-Pulse subscription.
Gouhin also pointed to ISA’s series of industrial automation and control system (IACS) security standards that were adopted internationally as a “flexible framework” for preventing and limiting potentially devastating cyber damage to the industrial systems and networks used in oil and gas facilities and other critical infrastructure, adopted internationally as ISA/IEC 62443.
The ISA/IEC 62443 standards were developed by leading international cybersecurity experts from industry, government and academia, Gouhin said.
ISA has also developed a certification program, ISASecure, which Gouhin says ensures that control systems conform to relevant ISA/IEC 62443 cybersecurity standards.
To learn more about ISA/IEC 62443, click here.