Growing digitalization makes the oil and gas industry more vulnerable to cyberattacks.

The oil and gas industry is increasingly relying on digital technologies to transform itself in the 21st century. As increasing volumes of data are being stored on networked servers, there is a higher probability of this data getting targeted by hackers, says GlobalData.

GlobalData’s latest thematic report, ‘Cybersecurity in Oil & Gas (2020)’ highlights the importance of cybersecurity technologies in the industry, in order to protect oil and gas assets against internal as well as external threats.

The oil and gas industry is expanding the use of digital technologies to optimize daily activities. Widespread deployment of the IoT is generating huge volumes of data. Each node in a company’s network, whether a computer terminal, a cell phone, sensors, or a networked camera, can become an entry point for hackers.

Ravindra Puranik, Oil and Gas Analyst at GlobalData, comments: “Hackers can exploit these nodes and gain access to a wealth of information, including business plans, project designs, supplier details, contracts, financing, and other critical information. Loss or theft of such data can prove financially and operationally detrimental for an oil and gas company.

“The frequency and sophistication in cyberattacks has increased over the years, as seen in the case of the Shamoon attack that has targeted Saudi Aramco on multiple instances. Hence, it is imperative that oil and gas companies adopt a proactive approach in handling cybersecurity. Broad scale coordination among industry players, government agencies, and technology vendors is essential to tackle such complex and persistent menace.”

GlobalData’s thematic research identifies BP, Chevron, ConocoPhillips, Eni, ExxonMobil, Gazprom, Royal Dutch Shell and Saudi Aramco, among the leaders in the cybersecurity theme in the oil and gas industry. It also highlights some of the cybersecurity technology providers for oil and gas industry, namely BlackBerry, Broadcom, Cisco Systems, Fortinet, IBM, Microsoft, Palo Alto Networks, and Verizon.

More recently, the COVID-19 pandemic has increased cyber risk significantly. Employees working on personal computers and using public networks are especially vulnerable to phishing and other types of cyberattacks.  

Puranik concludes: “The industry needs a clear strategy and then subsequent delivery to address these vulnerabilities and protect against data loss, denial of service, and other forms of disruption to operations.”