Connecting to LinkedIn...



Oil and gas sector open to numerous cyber risks

2/12/2015 by Sharon Shahzad


The oil and gas sector is not noting troubling times solely due to price falls, it seems, with a new study revealing that firms are also open and vulnerable to severe cyber risks. A publication by DNV GL showcases some of the top cyber risks for offshore Norway operations that could affect the entire global industry.

As digital threats continue to rise, Norwegian intelligence authorities have said that many are aimed directly towards the oil and gas sector. With criminals increasingly sophisticated, and their methods growing in innovation, it is essential that energy companies sit up and take notice. Surveying 1,100 business professionals, it was found that just 27% set concrete goals when it comes to tackling cybercrime, with 58% using an ad hoc strategy. DNV GL’s head of the security and information risk section, Petter Myrvang, said: “Headline cybersecurity incidents are rare, but a lot of lesser attacks go undetected or unreported as many organisations do not know that someone has broken into their systems. The first line of attack is often the office environment of an oil and gas company, working through to the production network and process control and safety systems.”

Outlining some of the major cybersecurity vulnerabilities, DNV GL said that many firms had a lack of awareness and training in their workforce. This was made worse by the fact that remote work is often required during maintenance and operations, opening the door to breaches. Insufficient separation of data networks was also highlighted, as was a poor cybersecurity culture among contractors, suppliers and vendors. Companies also failed to physically secure cabinets, data rooms and other storage facilities properly while continuing to use vulnerable software and standard IT products that have known associated risks.

For oil and gas companies concerned about vulnerabilities, DNV GL suggests that executives should take a risk-based approach to strategising effect safeguards. By using the familiar bow-tie model, a system that is utilised in safety barrier management, firms can more easily identify potential asset vulnerabilities and threats and put appropriate barriers in place to limit cyber-risk consequences.

The need for oil and gas firms to take action and protect themselves from cyber risks should be a top priority. Breaches can not only damage a company’s infrastructure and operations but also negatively effect consumer opinion. At a time when energy firms must operate as efficiently as possible due to falling prices and sector turbulence, it is essential to have cyber-safeguards in place.

comments powered by Disqus

Social Stream

Latest News


Humans remain largest security flaw in cloud ...

2016-10-21 14:00:00 +0100

With a vast number of companies moving some, if not all, of their operations to the cloud, security continues to be of major concern. Whilst there are numerous patches and firewalls to safeguard defences, it has been highlighted that the most difficult area to protect against is human interaction. This is the view of Jamie Woodruff, a penetration tester and ethical hacker. Woodruff’s views come after he was contracted to conduct a penetration test in or...


Offshore exploration providing boost for oil ...

2016-10-19 09:00:00 +0100

The oil and gas industry has had a notoriously challenging time of late, with the prices of oil plummeting and causing many firms to tighten their belts. However, offshore exploration is providing a much-needed bright spot for the sector, with an increasing number of governments becoming more accommodating. In the past week, it has been revealed that there are big changes afoot for Brazil’s petroleum laws. Shell has already begun to move on this opportu...