Industries specializing in oil and gas commit to collaborating on cybersecurity matters during the World Economic Forum discussions.

In a significant move towards enhancing cybersecurity in the energy sector, a group of 18 organizations connected to the oil and gas industry have agreed to take collective action on cyber resilience. This announcement was made during the World Economic Forum in Davos, Switzerland.

Robert Lee, CEO of the Open Network Technology Alliance (ONTA) and also CEO of the cybersecurity firm Dragos, led the partnership. The organizations involved in this initiative are some of the world's largest energy providers and industrial cybersecurity firms. Notable names include Aker BP, Aramco, Occidental Petroleum, Suncor, and others.

The decision to collaborate comes in the wake of high-profile cyberattacks on critical infrastructure. The Colonial Pipeline attack in May 2021 and the attacks on the Amsterdam-Rotterdam-Antwerp oil hub facilities in February served as significant wake-up calls for the cybersecurity industry about the need to strengthen collective defenses.

The oil and gas industry has become a major focus for criminal ransomware and nation-state threat actors seeking to extort millions in ransomware payments and disrupt critical energy supplies. Alexander Klimburg, head of the Center for Cybersecurity at the World Economic Forum, provided details about the initiative.

The organizations will adopt six, consensus-based principles and will share lessons learned from their experiences in boosting cyber resilience. The playbook includes high-level guidance for corporate boards to help them understand crucial questions related to a cyberattack. It also provides specific case studies to demonstrate the consequences of a cyberattack.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, made a statement during a press conference at the World Economic Forum, emphasising the importance of human life in cybersecurity discussions, beyond just data, identity, and credit cards. She highlighted one such case study involving an oil and gas facility where the adversary targeted safety systems, causing the plant to shut down. The initial intent behind the attack was to harm or kill people.

The Russian invasion of Ukraine has escalated concerns about potential retaliatory cyberattacks targeting key energy supplies in connection to sanctions related to the war. The organizations plan to work together on global approaches to boosting cyber resilience.

Corporate stakeholders are increasingly interested in understanding the risk calculus of their technology stacks, particularly the question of whether they are a potential target. The collaborative effort aims to provide a comprehensive understanding of cyber resilience and the steps necessary to ensure the safety and security of critical infrastructure.

Industries specializing in oil and gas commit to collaborating on cybersecurity matters during the World Economic Forum discussions.