Monthly Archives: October 2012

Lisa O'Leary AGA: Intrusion Detection More Feasible Than Cybersecurity Prevention

Maintaining the security of our nation’s cyber networks is vital to protecting the country’s natural gas infrastructure. Online threats continue to change, thus our industry must remain active, engaged and vigilant. Whether we’re discussing the 2.4 million miles of natural gas pipeline or the cyber networks that help our businesses to operate, safety is the number one priority for AGA and our more than 200 utility members.

Recognizing the ever changing cybersecurity landscape, it’s important to accept that you won’t be able to block every intrusion out there. It is critical that resources are dedicated towards both detecting an intrusion and limiting the ability of a cyber attacker to transverse the organization’s network.  Many of our members are working with the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), part of the U.S. Department of Homeland Security, to accomplish this goal.

“A robust cybersecurity program has detection as a priority,” says AGA Director of Engineering Services Kimberly Denbow. “With a solid detection program, the operator increases the chances of slowing down the assault or stopping it before any critical functions or information is compromised.”

This layered approach, known as the “defense in depth” strategy is used by operators to protect control systems. Think of this as multiple doors an intruder would need to go through in order to access the inside of a closet in your home. Each door is rigged with a sensor or some type of detection mechanism. If the intruder made it into your house and to the closet, the chances of actually getting to your possessions inside the closet are significantly decreased because of the delays caused by the “layers,” or doors, and sensors that would be highlighted at each point.

It is important that companies continuously update and adapt their action plans in order to prepare for and detect potential cybersecurity attacks. Only through an environment that fosters increased operator awareness of cyber attacks and intrusion activities, increased information sharing, and increased training, can operators deploy customized cybersecurity platforms and mechanisms most suitable in a time-sensitive setting for their individual and distinct operational criteria. Government – private partnerships are critical to this end, and AGA is committed to these efforts and helping our membership reduce the risk of cybersecurity attacks that could significantly affect their businesses and the nation’s energy infrastructure.

Posted in cybersecurity, Natural Gas, people, safety, technology | 13 Comments

Christina Nyquist Natural Gas: Its Promise for the Next Decade and Beyond

AGA’s market stability report shows natural gas is the right choice.

Natural gas is showing its value as the best fuel choice for consumers in terms of price, reliability and efficiency.

But some may remember a time when natural gas was sometimes viewed as an unreliable and scarce energy source. Yet a new analysis by AGA shows that is no longer the case. Stability is here to stay.

The American Gas Association has released “The Promise of Natural Gas,” a vision that points to a decade or more of relative market stability projected for this domestic, abundant fuel, and outlines what it means for our nation and utility customers.

There has been a transformational shift in the natural gas marketplace. This new analysis shows that natural gas promises to remain a foundation fuel for the next decade and beyond. With technology allowing for the safe and responsible extraction of a stable and domestic resource base, natural gas can drive our economic recovery, increase our energy security and fuel a wide spectrum of consumer and business energy needs.  Here’s how:

  • Domestic Abundance: The United States has a large, diverse, reliable, accessible and ultimately affordable natural gas resource base.
  • Technological Progress: Further technological developments will allow producers to access even  more of the resource as well as mitigate some of the environmental and social impacts of production. This will keep natural gas affordable and available for customers.
  • Room to Grow: The robust supply of natural gas means there is opportunity for demand to expand by increasing and diversifying the fuel’s use. Investments in applications in home heating and appliances, business needs, electricity generation, industrial plants, private vehicles, trucking fleets, and public transportation, exporting liquefied natural gas and more will support the long-term vitality of natural gas production.
  • Market Price and Stability: Even significant increases of demand will be supported by the tremendous and accessible resource base in the United States. This will keep the natural gas market stable for the next ten years and possibly beyond, no longer subjecting customers to drastic swings in prices.

So what does this mean for the consumer? Choosing natural gas, in your home , at your business or in your car, or in the workplace means you can expect your energy bills to stay stable and relatively low for the next ten years. Along with conservation efforts and smart choices, this leaves more money in your pocket.

Read more about the The Promise of Natural Gas on AGA’s website.

Posted in energy | 1 Comment

Lisa O'Leary Protecting the Nation’s Natural Gas Pipeline SCADA Infrastructure

In today’s world, the threat of cybersecurity attacks is ongoing. Every organization—whether considered “critical infrastructure” or not—must remain active, engaged and vigilant in order to help prevent attacks to their online properties. America’s natural gas utilities fuel the lives of 177 million Americans each day, and they are consistently working to make sure their systems remain safe, secure and reliable. There have been entities that have tried to breach our systems, and while this has not led to serious damage or disruption, the intentions of those responsible are unknown. It is not a question of if, but when will cyber criminals strike. We must be prepared.

Across the industry, operators use the “defense in depth” strategy to protect their control systems. This military strategy, adapted to cybersecurity defense, entails the “layering” of tools and mechanisms as appropriate to protect against, detect and mitigate compromise. This strategy begins with corporate cybersecurity governance consisting of policies, standards and guidelines designed to protect Supervisory Control and Data Acquisition (SCADA) systems.

Consisting of software and hardware for system operations, SCADA monitors critical data from sensors in specific locations. The system then sends the compiled data to a central computer for a human operator to analyze and determine if signals need to be sent out to direct field equipment and pipeline conditions. The introduction of SCADA technology and its layers of defense have increased the safety of our natural gas delivery system significantly.

The American Gas Association (AGA) and its members recognize the importance of information sharing among operators and government partners to increase awareness about vulnerabilities, prevention methods and mitigation alternatives. Throughout the month of October, AGA is participating in National Cyber Security Awareness Month (NCSAM), an annual program designed to engage and educate public and private sector partners through events and initiatives. AGA will be posting weekly blog articles about cybersecurity topics, as well as daily content on our Facebook page and Twitter handle using the #NCSAM hashtag. Make sure to let us know what you’re doing this month to recognize NCSAM.

Posted in energy | 2 Comments

Lisa O'Leary AGA Continues To Make Cybersecurity a Top Priority

The Internet touches nearly every aspect of our daily lives from the moment we wake up until we fall asleep at night. It is involved with everything from the water in our homes to the e-mails we send at our offices. It’s the lifeline of networks in our hospitals, businesses and schools. It is connected to our elecricity grids and natural gas infrastructure. And it’s all at risk of a cyber attack every moment of every day – making cybersecurity one of our country’s most important national security priorities.

With over 2.4 million miles of pipeline, safety is the number one priority for the American Gas Association (AGA) and our members. Natural gas delivery systems have been targets of cyber-attacks. While this has not led to serious damages or disruption of our critical infrastructure, the intentions of those responsible are unknown.

“As a former Chairman of the House Intelligence Committee, I too recognize the gravity of our nation’s cyber vulnerabilities,” said AGA President and CEO Dave McCurdy. “We are consistently working to improve the safety and security of our systems.”

AGA worked with the Transportation Safety Administration (TSA) to develop Pipeline Security Guidelines. The Cybersecurity section effectively draws distinctions between critical and non-critical cyber assets and provides criteria to be followed in each. The guidance lays out a cybersecurity plan allowing operators the latitude to meet security goals in a fashion that best fits each of their individual operating system programs. For example, this gives gas/electric combination companies the flexibility to develop gas cybersecurity standards that do not conflict with existing electric cybersecurity regulations established by the North American Electric Reliability Corporation’s (NERC).

The AGA Executive Committee has met with experts from the United States Computer Emergency Readiness Team (US-CERT), part of the Department of Homeland Security (DHS). AGA encourages our members to register with US-CERT to receive timely alerts and advice on mitigation and to use the Cybersecurity Evaluation Tool (CSET™) which provides users with a systematic and repeatable approach for assessing the security of their cyber systems and networks.

This September, AGA’s Natural Gas Security Committee hosted a cybersecurity workshop in Atlanta, GA for AGA staff and electric utility members who are directly responsible for addressing cybersecurity. And throughout the month of October, AGA is participating in National Cyber Security Awareness Month (NCSAM), an annual program designed to engage and educate public and private sector partners through events and initiatives. AGA will be posting weekly blog articles about cybersecurity topics, as well as daily content on our Facebook page and Twitter handle using the #NCSAM hashtag.

Threats to the natural gas industry continue to change and so we must remain active, engaged and vigalent. Ron Jibson , incoming Chair of AGA’s Board of Directors, has said he will continue to make cybersecurity a top priority. AGA is committed to helping our membership reduce the risk of cybersecurity attacks that could significantly affect their businesses and the nation’s energy infrastructure. Let us know how your organization is protecting against cybersecurity attacks in the comments section below.

Posted in energy | 1 Comment