“Headline cyber security incidents are rare, but a lot of lesser attacks go undetected or unreported as many organizations do not know that someone has broken into their systems. The first line of attack is often the office environment of an oil and gas company, working through to the production network and process control and safety systems,” says Petter Myrvang, head of the Security and Information Risk Section, DNV GL - Oil & Gas.
DNV GL listed the top ten cyber security vulnerabilities as follows:
“As all oil and gas process plants are now connected to the Internet in some way, protecting vital digital infrastructure against cyber-attacks also ensures safe operations and optimal production regularity,” says Trond Winther, head of the Operations Department, DNV GL – Oil & Gas.
As DNV GL outlines, due to the use of digital technologies and increased dependence on cyber structures, the oil and gas industry is exposed to new sets of exposures and threats. From an underwriting point of view, such exposures can be analysed using the latest actuarial and risk modelling techniques.
For example, Russell Group’s ALPS Energy product is used to model aggregate exposure and pricing at the asset level, and analyse realistic and probabilistic scenarios while ALPS Enterprise captures a corporate’s exposure to technology vendors and compares with its own in-built vendor listing to assess a corporate’s risk profile to probable security threats and cyber events.