Home / / Oil & Gas sector urged to beware of cyber risks

Oil & Gas sector urged to beware of cyber risks

Security readiness has improved, but companies should not be complacent, says F5 VP

Oil & Gas sector urged to beware of cyber risks
The Middle East oil & gas sector has shown a good adoption of security measures, says Arrabal.

The oil and gas sector in the Middle East must remain vigilant in the face of rising cyber security threats, according to Diego Arrabal, VP, Southern Europe and Middle East, F5 Networks.

Speaking ahead of the ADIPEC conference which will be held in Abu Dhabi, Arrabal said that the sector has improved its security readiness, but it is facing a steep rise in attacks. According to a recent global study by PwC, last year saw a 179% rise in the number of reported cyber-attacks on oil and gas companies, which soared above 6,500 cases.

"From our interaction with the market, we've seen that the Middle East is determined and prepared to set an example on a global scale when it comes to cyber-attacks in the oil and gas industry," Arrabal said.

"However, while awareness-levels and technological capabilities to cope are at an all-time high, the region's oil and gas industry needs to be extremely cautious about ever-evolving and increasingly complex risks."

Frost & Sullivan has also reported that cyber security uptake is expected to surge with the passing of national and international legislation and awareness-raising initiatives and that, ultimately, the issue would emerge as "the highest-priority area for oil and gas companies".

"The oil and gas industry cyber-attack playbook could include anything from distributed denial of service (DDoS) attacks and phishing/spear-phishing emails to data theft, ‘zero-day' software assaults, web application exploits, and website defacement," he said.

"Depending on the attack, the consequences may include embarrassing reputational hits, disruption of supply, millions of dollars in damage and lost business, or even health and safety incidents if critical equipment fails or is led astray by faulty data."

Against this backdrop, defence tactics like hybrid approaches to DDoS attacks are set to gain increasing traction in the industry. These can provide the resilience and scale of cloud-based solutions with the granularity and always-on capabilities of on-premise solutions.

"Looking ahead, we need to do everything we can to raise industry knowledge of the complexity and nuances of the problems and ensure industry players, governments, as well as software and hardware vendors are all on the same page," added Arrabal.

"The Middle East can and should play an important role here, sharing lessons learned, raising operational standards and illuminating new ways forward. The tools to defend are readily available, we just need to make sure they are applied correctly and in ways that do not compromise on industry performance or innovation."

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.