Marc Wren, OT Cyber Security Manager at Axians Cloud and Cybersecurity, part of VINCI Energies UK & RoI, says it is vital for the oil and gas industry to recognise the underlying digital dangers of a cyber threat. The UK oil pipeline system transports 9.5 billion litres each year across a network of 4,500 kilometres....
Marc Wren, OT Cyber Security Manager at Axians Cloud and Cybersecurity, part of VINCI Energies UK & RoI, says it is vital for the oil and gas industry to recognise the underlying digital dangers of a cyber threat.
The UK oil pipeline system transports 9.5 billion litres each year across a network of 4,500 kilometres. Within this are numerous, extremely long distances of unmanned pipes. It’s not hard to see how these could easily become a target for opportunistic outside aggressors wanting to disrupt a working system.
We live in an age of seemingly constant, ever-present resources and yet if the past 12 months have shown us anything, it’s that our energy supplies cannot be taken for granted and the tap can be switched off with one turn of a virtual hand.
It’s important to note at this stage that the situation is not an impossible one. In fact, far from it. There are many ways to proactively protect our oil and gas supplies and taking another look at cybersecurity is a good place to start.
After all, it’s what our American cousins did just a year ago. In August 2021, the American Petroleum Institute updated its cybersecurity standards for pipelines after looking again at the risks. It assessed that if there is a hack, then an attacker (or malware in the system) is only a couple of jumps away from a damaging action – activating an on/off switch, switching off electricity, or ramping up the system to make it run beyond its capabilities, for example.
Plans in the pipeline
Often the key question for a lot of businesses is not ‘do we need cybersecurity?’, but rather ‘how do we integrate cybersecurity to our operations?’ This is an area we specialise in at Axians Cloud and Cybersecurity. Our service sees us marry OT and IT infrastructure to offer secure manual and security services of the highest standard.
Moreover, as part of VINCI Energies UK & RoI, we’re also fortunate to work with some of the most knowledgeable people in the country around automation and oil and gas supplies.
Not only do our people understand deeply how oil and gas pipelines work and the remote access points within an OT framework, they are also experts in COMAH regulations.
COMAH, as defined by the HSE, “aims to prevent and mitigate the effects of major accidents involving dangerous substances which can cause serious damage/harm to people and/or the environment. COMAH treats risks to the environment as seriously as those to people.” This enables VINCI Energies UK & RoI to offer a more holistic assessment of cybersecurity needs.
We take a personal approach with clients, walking them through their sites to identify every aspect that must be protected. Having that collaboration with customers at an early stage is one of the keys to success. It also helps customers understand that the time saved through our initiatives will allow the maintenance team to fulfil their roles more effectively. Giving people the tools to improve their operations, ultimately leads to better overall effectiveness.
A smoother operation
Another important lens through which cybersecurity for the oil and gas industry should be viewed is availability. Every minute the energy supply is stopped, money is lost – lots of money. Company reputations, and careers, are at risk. So, rather than waiting for something to fail, calling in the Axians Cloud and Cybersecurity team can help clients face up to, and pre-empt, the possibilities of cybercrime. Ultimately, having a managed service allows others to concentrate on the work at hand, without having the worry of what might happen.
For a free 30 minute consultation with a VINCI Energies OT security professional, please contact ot@axians.co.uk.