Oil & Gas sector urged to beware of cyber risks

Security readiness has improved, but companies should not be complacent, says F5 VP

Tags: Cyber crimeF5 NetworksOil & GasUnited Arab Emirates
  • E-Mail
Oil & Gas sector urged to beware of cyber risks The Middle East oil & gas sector has shown a good adoption of security measures, says Arrabal.
By  Mark Sutton Published  November 9, 2014

The oil and gas sector in the Middle East must remain vigilant in the face of rising cyber security threats, according to Diego Arrabal, VP, Southern Europe and Middle East, F5 Networks.

Speaking ahead of the ADIPEC conference which will be held in Abu Dhabi, Arrabal said that the sector has improved its security readiness, but it is facing a steep rise in attacks. According to a recent global study by PwC, last year saw a 179% rise in the number of reported cyber-attacks on oil and gas companies, which soared above 6,500 cases.

"From our interaction with the market, we've seen that the Middle East is determined and prepared to set an example on a global scale when it comes to cyber-attacks in the oil and gas industry," Arrabal said.

"However, while awareness-levels and technological capabilities to cope are at an all-time high, the region's oil and gas industry needs to be extremely cautious about ever-evolving and increasingly complex risks."

Frost & Sullivan has also reported that cyber security uptake is expected to surge with the passing of national and international legislation and awareness-raising initiatives and that, ultimately, the issue would emerge as "the highest-priority area for oil and gas companies".

"The oil and gas industry cyber-attack playbook could include anything from distributed denial of service (DDoS) attacks and phishing/spear-phishing emails to data theft, ‘zero-day' software assaults, web application exploits, and website defacement," he said.

"Depending on the attack, the consequences may include embarrassing reputational hits, disruption of supply, millions of dollars in damage and lost business, or even health and safety incidents if critical equipment fails or is led astray by faulty data."

Against this backdrop, defence tactics like hybrid approaches to DDoS attacks are set to gain increasing traction in the industry. These can provide the resilience and scale of cloud-based solutions with the granularity and always-on capabilities of on-premise solutions.

"Looking ahead, we need to do everything we can to raise industry knowledge of the complexity and nuances of the problems and ensure industry players, governments, as well as software and hardware vendors are all on the same page," added Arrabal.

"The Middle East can and should play an important role here, sharing lessons learned, raising operational standards and illuminating new ways forward. The tools to defend are readily available, we just need to make sure they are applied correctly and in ways that do not compromise on industry performance or innovation."

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code