Ernst &Young on IT security and safety risk to oil and gas

Oil and gas judged at risk from ’hacktivists.’ Advice to travelers. What to protect.

A new report* in Ernst & Young’s Business Pulse series looks at risks and opportunities in oil and gas. The report quizzes oil and gas execs who attribute a 1 to 10 ranking for each threat or opportunity. The study compares the 2013 survey with an earlier 2011 analysis and looks forward to 2015 for future trends.

The increasing sophistication of oil and gas control systems and increased automation have had positive results. But the risks associated with having a physical network controlled digitally are ‘significant.’ Oil and gas are likely to be among the primary targets for cyber attacks by industrial spies and ‘hacktivists.’

Some companies adopt radical measures, one told E&Y, ‘When we go to particular countries we go with clean cell phones and clean computers. We don’t store any information, we don’t transmit any information back home and we don’t go on any networks.’ Majors in particular recognize that there is little they can do to protect against the most skillful attacks. Ernst & Young’s Ben Taylor advises, ‘Companies need to be selective about what information they absolutely have to protect, and protect it at all costs.’ According to E&Y, IT security ‘has moved from the periphery of a company’s risk management structure to the core of its operations.’ This conclusion is somewhat supported by the study as IT security was absent from the 2011 study and entered at the N° 9 slot in 2013. However the execs expected it to decline as a threat (to N° 10) in 2015.

E&Y gives the oil and gas vertical a thumbs-up for its ‘managerial and technical expertise,’ a core strength.

* Business Pulse: Exploring the dual perspectives of the top 10 risks and opportunities in 2013 and beyond.

Click here to comment on this article

Click here to view this article in context on a desktop

© Oil IT Journal - all rights reserved.