According to the National Institute of Standards and Technology (NIST), the energy sector relies on industrial control systems assets to “generate, transmit, and distribute power and to drill, produce, refine, and transport oil and natural gas.” These industrial control systems include supervisory control and data acquisition (SCADA) systems, distributed control systems, programmable logic controllers and intelligent electronic devices that control operational technology networks. These systems are targets of cyber-attacks according to NIST. A successful cyber-attack against these industrial control systems could “cause disruptions to the power grid and to oil and gas assets and processes.” Needless to say, such disruptions would cause chaos.
Therefore, energy sector companies are interested in preventing attacks on industrial control systems and are collaborating with NIST to start a project aimed at creating an example solution to address the energy sector’s ability to manage these assets. The result will be a publicly available cybersecurity guide for electric utilities and oil and gas companies so they can “effectively track and manage their assets.”
NIST seeks collaborating partners to participate in the project, which is obviously of great importance not only to the energy sector, but to us all. For more information contact Energy_nccoe@nist.gov. Just in time, after the FERC fine [see related post] and the Marsh report on the energy sector.