Cybersecurity for the oil industry supply chain
- By Matt Leonard
- Nov 15, 2016
The U.S. Coast Guard, the National Institute of Standards and Technology and stakeholders in the maritime and oil and natural gas industries have created a “profile” of voluntary guidelines to help secure the computers used to control valves, pumps and sensors used at facilities that transfer liquids on and off of shipping vessels.
Based on NIST’s 2014 Cybersecurity Framework, the profile consolidates recommended cybersecurity safeguards and provides a starting point for facilities to review their risk management processes. It outlines a desired minimum state of cybersecurity and provides the opportunity to plan for future business decisions, a Coast Guard blog said.
“These facilities face inherent cybersecurity vulnerabilities and the U.S. Coast Guard hopes this profile will assist organizations with mitigating them, and provide a long-term process for developing an internal cyber risk management program,” Lt. Josephine Long, a marine safety expert in the USCG’s Office of Port & Facility Compliance, said in a statement.
Additional guidance to help the maritime industry with cybersecurity could cover offshore drilling operations, passenger vessel and terminal operations, according to Long.
Matt Leonard is a former reporter for GCN.