Cyber Security for Upstream Oil and Gas

Author: CSC

Upstream oil and gas companies are becoming increasingly aware of the growing cybersecurity threats to the oil and gas industry. Until recently, the industry perceived cyber security as an IT issue that security staff working for the CIO could handle with passwords and firewalls.

There may have been some awareness of the operational risks that their refining and processing plants faced, but until the detection of the Stuxnet attack on the critical plant control systems, the oil and gas industry saw cybersecurity as an IT problem. Although they had experienced unauthorized disclosures of emails, highly-sensitive competitive information had not been stolen from executives’ laptops while connected to the corporate network, as was the case with the Night Dragon virus.

The current awareness of the cybersecurity threats to oil and gas companies stems from five main issues.