Pipeline Cybersecurity: State of the Industry and Proposed Roadmap Recording

2.6 million miles of pipelines deliver trillions of cubic feet of natural gas and hundreds of billions of tons of liquid petroleum products each year in the US. This infrastructure is largely operated by industrial control systems, typically referred to as SCADA systems, that are interconnected through an extensive combination of wired, wireless, public, and private networks. While there are voluntary standards and guidelines, there is currently no US regulation that encompasses cybersecurity for the pipeline sector. As such, the cybersecurity maturity of the pipeline sector is generally behind other energy sectors and there is wide variability in the cybersecurity readiness of pipeline operators.


This webinar recording discusses the current state of pipeline cybersecurity, the challenges facing the sector, and the available standards and guidance. Afterwards, we present a recommended roadmap for pipeline operators based on findings from over 80 pipeline cybersecurity assessments performed over the last 7 years.


See Recording at our Cybersecurity Knowledge Center : https://aecyber.podia.com/pipeline-cybersecurity-state-of-the-industry-and-proposed-roadmap



Presenters:

John Cusimano - Vice President of Industrial Cybersecurity

John has over 20 years of experience and has performed many control system cybersecurity vulnerability and cyber risk assessments. He is a member of the International Society of Automation (ISA) and is a voting member of the ISA 99 cybersecurity standards committee. As part of that committee, he is the chair of the zones and conduits working group, and co-chair of the product development working group. He is the developer and primary instructor of the ISA courses on cybersecurity. John is a Certified Functional Safety Expert (CFSE), a Certified Information Systems Security Professional (CISSP), and a Global Industrial Cyber Security Professional (GICSP). John has a B.S. in Electrical and Computer Engineering from Clarkson University in New York. Association Activity John is chairman of the ISA 99 working group for 62443-3-2 standard. He is also a member of the ICSJWG steering committee, on the CompTIA Cybersecurity Advisory Council (CAC), and a member of the the (CS)2AI Global Advisory Board and is also a Fellow for (CS)2AI.


Paul Rostick - CISO & Senior Principal Cybersecurity Advisor

Paul Rostick is the Chief Information Security Officer (CISO) and an Industrial Cybersecurity Advisor for aeSolutions. He advises company executives on establishing strategic Industrial Cybersecurity Programs. ​ Prior to joining aeSolutions, Paul was the CISO and Director of Cybersecurity Programs for Sunoco Logistics Partners, where he developed their first integrated IT/OT Cybersecurity Program. He has over 25 years of IT/OT/EHS experience in the Oil & Gas industry. Paul’s cybersecurity articles have been published in various industry publications, including Pipeline and Gas Journal, ISA InTech Magazine, TechTarget Search Security, and Linked-In. Paul regularly presents on Cybersecurity Program topics at industry conferences and forums, including ARCForum, AFPM, and AiCHE.