JEDDAH: Saudi Aramco, the world’s biggest oil company, partnered with the World Economic Forum (WEF), Siemens Energy and others this week to release a report on cyber resilience in the oil and gas industry.
The report aims to help the energy industry protect itself against cybercriminals by establishing a blueprint for evaluation of how to handle different risks and threats.
It comes after Colonial Pipeline, the biggest fuel pipeline operator in the US, was hit with a devastating cyberattack earlier this month that forced the company to shut down approximately 5,500 miles of pipeline for five days, crippling gas delivery systems in Southeastern states.
In February 2020, another ransomware attack on a gas compressor facility in the US resulted in a two-day outage.
“Establishing and aligning cybersecurity practices across the industry enhances our collective resilience efforts and allows us to present a united front against cybercrime and other critical security threats,” Basim Al-Ruwaii, Aramco’s chief information security officer, said in a press statement.
The report was a collaboration involving 40 major industry players who identified the best cyber-resilience practices and offered new solutions to mitigate threats, protect supply chains and improve overall security in the sector.
Richard Glick, the chairman of the Federal Energy Regulatory Commission, said pipelines are not keeping pace with the potential threats.
“Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever-increasing number and sophistication of malevolent cyber actors,” Glick told Reuters, referring to the impact of this month’s US pipeline attack.
Saudi Arabia has been the target of similar cyberattacks. The biggest was in 2012 when more than 30,000 Saudi Aramco computers were attacked.
Georges De Moura, the head of industry solutions at the WEF’s Centre for Cybersecurity, said the energy industry must integrate cyber risks into this culture just as it developed security practices for physical threats.
“This playbook will help business leaders in the industry embrace a risk-informed cybersecurity approach to ensure a secure and resilient oil and gas ecosystem,” De Moura said.