Cyber security in oil and gas [report]

An in-depth look at how are oil and gas organisations preparing for cyber threats.

Add bookmark


We respect your privacy, by clicking "Download Your Copy" you will receive our e-newsletter, including information on Podcasts, Webinars, event discounts, online learning opportunities and agree to our User Agreement. You have the right to object . In addition, you agree to having your details passed onto the sponsor who may promote similar products and services related to your area of interest subject to their privacy policy. For further information on how we process and monitor your personal data click here. You can unsubscribe at any time.

In this report, Oil & Gas IQ finds out what precautions companies are taking over cyber security. Is it something that organisations are prioritising, or do they already feel equipped to deal with today’s threats? To find out, we sent out a survey to our 100,000-strong membership to take an accurate snapshot of the current climate. We explore these results further in the analysis that follows.

The oil and gas (O&G) industry has changed substantially over the last decade. The greater connectivity of the digital age and the Internet of Things (IoT) has resulted in increased efficiency through big data, analytics, sensors and the ability to automate highly-sensitive tasks.

However, it has also opened the doors to cyber attacks. The O&G sector is no longer protected by isolated control systems and detached core operations – meaning that cyber security will be a major area of investment for O&G organisations.

In this report, we look at:

  • Why O&G organisations consider a primitive cyber security culture as one of the biggest vulnerabilities – as expressed by over 60 per cent of our respondents.
  • How 49 per cent of our respondents believe that operational technology personnel and information technology personnel should be used equally.
  • Why 50 per cent of respondents told us that they do have IT security policies that are routinely followed.
  • The fact that a third of all respondents believe that their procedures are rarely tested and followed, despite IT security policies being such a core aspect of any cyber security framework.
  • How a majority of respondents – 40 per cent – believe that risk profile in their organisation is ‘poorly understood and not improving’.
  • How almost a quarter of professionals in this space believe that some departments have a better grasp of risk profile than others. 

The common theme throughout this survey is that despite a hike in investment, the O&G sector is suffering a shortfall in cyber security confidence and capability.
One of the major reasons why the industry finds itself in this state is because of its recent foray into technologies associated with the IoT and the general move towards increased connectivity.