New standard enhances the cybersecurity of pipeline control systems

2021-09-01 04:00

The American Petroleum Institute published its 3rd Edition of Standard 1164, Pipeline Control Systems Cybersecurity, underscoring the natural gas and oil industry's ongoing commitment to protecting the nation's critical infrastructure from malicious and potentially disruptive cyber-attacks.

It is based on the NIST Cybersecurity Framework and NERC-CIP standards and significantly expands the scope compared to the previous edition of the standard to cover all control system cybersecurity instead of solely SCADA systems.

"This standard will help protect the nation's critical pipeline infrastructure by enhancing safeguards for both digital and operational control systems, improving safety and preventing disruptions along the entire pipeline supply chain. What sets this framework apart is its adaptive risk assessment model that provides operators with an appropriate degree of flexibility to proactively mitigate against the rapidly evolving cyber threat matrix."

"This premier standard helps the operator manage cyber-risks associated with control system cybersecurity environments by providing requirements and guidance for proper isolation of control system environments from non-control system environments," American Gas Association Senior Vice President for Safety, Operations and Security Christina Sames said.

The updated standard establishes requirements to harden pipeline cybersecurity assets against a range of threats, including those posed by ransomware.

Recommended Practice 1173 - Pipeline Safety Management Systems provides pipeline operators with safety management system requirements that when applied provide a framework to reveal and manage risk, promote a learning environment, and continuously improve pipeline safety and integrity.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/i8df4JR8Lw8/

#cybersecurity