Over the past two years, companies in the oil and gas sector have experienced major security breaches, driving home the pressing need for a collective response. In response, 18 energy corporations have agreed to cooperate on a dedicated solution to strengthen infrastructure across the industry ecosystem. The pledge was announced during the World Economic Forum (WEF) Annual Meeting 2022.
According to its website, the Cyber Resilience Pledge aims to “mobilize global commitment towards strengthening cyber resilience across industry ecosystems.” Together, those taking the pledge will take up the fight against cyber-attacks, ensuring it is not a standalone effort. A harmonized approach can work across borders and businesses, resulting in coordinated resilience against malicious threats.
“First endorsed by key CEOs in the oil and gas value chain, the Cyber Resilience Pledge is a landmark step as it signals recognition of the complexities of building a cyber-resilient industry ecosystem and a commitment towards collective action to achieve it,” explained Alexander Klimburg, head, centre for cybersecurity, WEF.
The companies taking the pledge include Aker ASA, Aker BP, Aramco, Check Point Software Technologies, Claroty, Cognite, Dragos, Ecopetrol, Eni, EnQuest, Galp, Global Resilience Federation, Maire Tecnimont, Occidental Petroleum, OT-ISAC, Petronas, Repsol and Suncor.
The WEF highlighted cyber-attacks against the Colonial Pipeline in the United States in May 2021 and against European refining hubs in February 2022, leading to significant consequences for business operations. These incidents drove home the critical importance of cyber-resilience. The pledge will ensure resilient design is implemented across the industry ecosystem and that companies collaborate on such efforts.
“As the world deepens its digital footprint, cyber threats are becoming more sophisticated,” said Amin H. Nasser, CEO of Saudi Aramco, in a news release. “But one company, working alone, is effectively like locking the front gate while leaving the back door wide open.”
The pledge emphasizes that companies must work together if they want to truly protect the critical energy infrastructure that billions of people around the world depend on.
The WEF’s Global Cyber Outlook 2022 report found that 87% of senior executives are looking to improve their company’s cyber-resilience efforts. Additionally, just 13% of cyber leaders said that cyber-resilience is already a part of business strategy, putting organizations at higher risk of attacks. This is particularly concerning, with the Ponemon Institute estimating that the average cost of a ransomware breach is $4.62m USD for companies attempting to ward off cyber-attacks. Therefore, a coordinated effort can have positive outcomes for businesses’ bottom lines.
“The oil and gas industry is going through a digital revolution that has been a catalyst for energy transition and sustainability. Cyber resilience is key in this revolution, as staying ahead of vulnerabilities is fundamental to our business. The pledge is a step further by developing a collective effort to embed cyber-resilience and a cyber-risk aware culture across the energy industry,” commented Felipe Bayón, CEO of Ecopetrol.