CISA’s JCDC initiative launches 2023 Pipelines Cyber Defense Planning Effort to safeguard ONG sector

Acknowledging the role of the oil and natural gas (ONG) subsector in ensuring shared security and prosperity, more than 25 ONG organizations, with a focus on high-throughput midstream natural gas pipeline owner-operators, along with their industrial control systems (ICS) vendors, came together under the Joint Cyber Defense Collaborative (JCDC) to launch the 2023 JCDC Pipelines Cyber Defense Planning Effort. 

Clayton Romans, associate director at CISA, said in a Tuesday blog post that the 2023 JCDC Pipelines Cyber Defense Planning Effort was a novel approach to bring together pipeline owner-operators and their ICS vendors, in partnership with the Transportation Security Administration (TSA) and Department of Energy (DoE), to address shared challenges – whether ransomware incidents like the 2021 intrusion into Colonial Pipeline or persistent targeting by threat actors like the People’s Republic of China who possess the capability to disrupt natural gas pipelines, as highlighted in the ODNI 2023 Annual Threat Assessment.

The agency said that an effective response to these threats demands public-private collaboration to defend pipeline networks against compromise and ensure they continue functioning in a worst-case scenario.

The Pipelines Cyber Defense Planning Effort resulted in a detailed by-industry, for-industry network architecture diagram and accompanying principles, the ONG Pipelines Reference Architecture. Pipeline owner-operators and ICS vendors built this architecture to serve as a voluntary model to guide their investment, planning, and operations as they work to better segment their networks and mitigate intrusion campaigns.

The ONG Pipelines Reference Architecture offers practical guidance for stepping up risk management and showcases the interplay between network segmentation, multi-factor authentication (MFA), external dependencies, and critical field devices.

Romans added, “By organizing collaboration between midstream pipeline owner-operators and ICS vendors, this cyber defense planning effort facilitated a foundation for industry to proactively take transformative steps to harden the digital networks that run our nation’s largest natural gas pipelines against compromises – an example of the vision first established by the Cyberspace Solarium Commission and codified by Congress to catalyze cyber defense planning that yields real change in our nation’s cybersecurity.”

“Participating in the PRA project was an exciting opportunity to showcase security best practices used by both large and small pipeline operators as well as key vendors in that space,” Rob Mims, director of security – gas, nuclear, and electric at Southern Company Gas, said. “It was a great example of how government and industry collaboration can produce a quality product that can be used by ONG operators and vendors to incorporate sound and tested network design principles into their own environments.”

Kimberly Denbow, vice president of security and operations at the American Gas Association, said that “JCDC genuinely listened to stakeholders and fostered a constructive environment benefitting the common good and advancing our nation’s security posture.”

“The opportunity to work with a diverse group of industry specialists has proven insightful, as well as achieving the primary aims of developing an approach to securing pipeline operations,” said Steve Hill, director of SCADA solutions for Emerson Automation Solutions. “I think that much of the work that has been done by this group will have applications beyond the pipeline industry. Many thanks to JCDC for facilitating this, and bringing together the team that did it.”

Craig Barrett, vice president of cybersecurity at Kinder Morgan, said, “There are many public/private partnerships Kinder Morgan participates in, and our collective efforts between industry, government, and vendors on these important initiatives provided meaningful and actionable results. Kinder Morgan is a strong supporter of CISA and JCDC; this was a productive use of our time.”

“INGAA is grateful for the engagement between our member companies and CISA on this important effort, which we feel confident will support industry-wide collective defense efforts,” according to Maggie O’Connell, director of security, reliability, and resilience at Interstate Natural Gas Association of America. “Many of our members contributed significant time and resources to developing this PRA and we are glad to see those efforts come to fruition.”

In February, CISA unveiled its 2024 planning agenda for the JCDC, with a specific emphasis on addressing the growing cyber threats originating from China against critical infrastructure installations. The agenda aims to bolster cybersecurity and enhance collaboration in countering these threats.
