If you own or operate a midstream operation in the United States, you are likely working diligently to comply with the new cybersecurity regulations. For the second time this year, the Department of Homeland Security’s Transportation Security Administration (TSA) has directed critical pipelines to adhere to new cybersecurity orders. There are only a few weeks left before the deadline to implement the required measures. Operators are leveraging the eLynx Data Historian to quickly meet the deadline and the directives.
The new directive requires critical pipelines to employ several preventative measures against cyber threats. Earlier this year, the initial security order was circulated as a response to the infamous ransomware attack on Colonial Pipeline.
TSA is aiming to reduce the vulnerability of pipelines to malicious cyber activity. The Colonial attack highlights the considerable threat of cyber intrusions to operational technology and control systems. This threat is especially prevalent in the oil and gas industry. Malicious attacks like these hurt the companies involved and hurt the people who rely on the infrastructure every day.
Threats to the nation’s critical infrastructure are constantly evolving. The pipeline sector must be flexible and proactively adopt new processes to protect themselves, and the nation, from cyber intrusions.
The new regulations require compliance for ‘critical’ pipelines, but less critical pipelines would be wise to follow suit. Whether your pipeline is critical or not, it is critical to implement the new cybersecurity requirements.
Part of the new cybersecurity directive requires critical pipelines to undergo a cybersecurity architecture design review each year. In anticipation of regulator examination, segregating OT and IT environments is an important measure to take. The eLynx Data Historian can assist with segregating user environments from control environments.
Additionally, the eLynx Data Historian can help with preventing an attack in one environment from spilling over into the other environment. The eLynx Data Historian prevents hackers from traversing between IT and OT environments. Adding a data historian layer can minimize user access to your SCADA control system. The eLynx Data Historian can be a fast and significant improvement to your cybersecurity strategy.
Critical infrastructure and small midstream operations alike should take the steps needed to segregate the control environment from the user environment. Operators can reduce their vulnerability by adding a data historian to isolate SCADA control systems.
Control systems should only be accessed by controllers. The eLynx Data Historian provides each user with the flexibility to consume and analyze data in the way that best suits their needs and their job description. Strengthen your cybersecurity measures while also empowering your entire operations team with the eLynx Data Historian.
The timeline requirement for critical pipelines is aggressive, aiming for operators to be compliant by 2022. While the penalty for missing the deadline is not known to the public, past penalties have resulted in financial fines.
The eLynx Technologies application is cloud-based. A cloud-based application means setup and implementation can take place in a matter of weeks, sometimes days.
The DHS Cybersecurity and Infrastructure Security Agency has provided resources to assist pipelines further reduce their risk of malicious cyber activity.
September 18, 2023