Today, the American Petroleum Institute (API) released an updated edition of its cybersecurity standard for pipelines. Accordingly, API said this document provides a comprehensive approach to cyber defense for critical infrastructure.
Read more of our news content, here; BKV Corp and Banpu Power to buy Texas natural gas power plant
Indeed, the update has been in development since 2017. Moreover, API said it results from expert input from more than 70 organizations; including, for instance, state and federal regulators within FERC, TSA, PHMSA, CISA, DoE, NIST. Also, from the Argonne National Laboratory, the American Gas Association (AGA), Interstate National Gas Association of America (INGAA); the Association of Oil Pipe Lines (AOPL), and numerous pipeline operators.
API on the updates
Similarly, API noted it based its updated edition on the NIST (National Institute of Standards and Technology) Cybersecurity Framework. Also, on NERC-CIP (Critical Infrastructure Protection) standards.
Besides, compared to the previous edition of the standard, it significantly expands the scope to cover all control system cybersecurity; instead of solely supervisory control and data acquisition (SCADA) systems.
Indeed, the expansion of the standard supports the Biden administration’s national security priorities. Also, it boosts the United Nations Sustainable Development Goal (UNSDG) 9 for resilient infrastructure.
Accordingly, API Senior Vice President of API Global Industry Services (GIS), Debra Phillips, said in an organization statement; “In fact, the new edition API Std 1164 builds on our industry’s long history; particularly, of engaging and collaborating with the federal government. Therefore, it protects the nation’s vast network of pipelines; and also, other critical energy infrastructure from cyberattacks.”
Similarly, Phillips added in the statement; “Indeed, this standard will help protect the nation’s critical pipeline infrastructure; particularly, by enhancing safeguards for both digital and operational control systems. Also, by improving safety and preventing disruptions along the entire pipeline supply chain.”
More comments and reception
Moreover, Phillips noted that “what sets this framework apart is its adaptive risk assessment model that provides operators; particularly, with an appropriate degree of flexibility to mitigate against the rapidly evolving cyber threat matrix proactively.”
On the other hand, commenting on the update, American Gas Association Senior Vice President for Safety, Operations and Security, Christina Sames, said; “In fact, this premier standard helps the operator manage cyber risks associated with control system cybersecurity environments; specifically, by providing requirements and guidance for proper isolation; mainly of control system environments from non-control system environments.”
Federal action toward enhancing cybersecurity
Indeed, and it is worth noting, in July, the White House published a national security memorandum on improving cybersecurity; specifically, for critical infrastructure control systems.
Therefore, within the memorandum, U.S. President Joe Biden outlined that cybersecurity threats are among the most significant issues confronting the nation. He also highlighted that the degradation, destruction, or malfunction of systems that control this infrastructure could cause substantial harm; not only to the country but also to the economic security of the United States.
Thus, Biden issued an executive order on improving the nation’s cybersecurity on May 12. In fact, the actions followed a cyberattack on the Colonial pipeline in early May.
