Author Archives: Rebecca Massello

Rebecca Massello

About Rebecca Massello

Rebecca Massello is the Security & Operations Manager at the American Gas Association (AGA). She leads and administers the work of the AGA Natural Gas Security Committee and Cybersecurity Strategy Task Force as well as the AGA Underground Storage Committee. Through her security work at AGA, Rebecca provides leadership to its members in coordinating industry-wide responses to cyber and physical security threats, issues and concerns. Prior to joining AGA in April 2015, Rebecca was Program Manager for Cybersecurity and Critical Infrastructure at Energetics Incorporated, a management consulting firm specializing in energy and infrastructure resilience. In that role, she supported clients at the U.S. Department of Energy focused on energy sector cybersecurity research and development to enhance the reliability and resilience of the nation's energy infrastructure. Rebecca has a B.S. in Integrated Science and Technology with concentrations in Energy and Environment from James Madison University and is currently working on a Business Administration/Information Technology dual degree at Marymount University.

Rebecca Massello Marrying Safety and Security – Natural Gas Utilities Build a Better Tomorrow

Promoting a culture of safety has long been the mantra for natural gas utilities. It is core to everything we do. The end goal is simple: protect the general public and our employees, while ensuring the continued safe and reliable delivery of natural gas to our customers. Carrying out this shared goal is the responsibility of every natural gas utility. Recognizing the importance of this role, the American Gas Association adopted the AGA’s Commitment to Enhancing Safety, which outlines voluntary actions being taken by AGA or individual operators.

Post September 11, we saw a new set of challenges on the home front and for critical infrastructure – security. Safe and reliable delivery of natural gas is critical to the health, safety, and economic well-being of our Nation, and natural gas utilities take this charge seriously. Natural gas utilities have historically taken measures to physically protect their assets from sabotage or unintentional harm. These physical security measures are often referred to as “guns, gates, and guards” and are intended to secure the perimeter and keep bad “things” out. As technology has continued to evolve, these tactics have become more advanced, employing technologies like microwave sensors, motion detectors, access controls, and alarms, all intended to give the operators more information and tools to protect their critical assets.

Beyond physical security, there is another rapidly evolving security threat – cyber adversaries. These adversaries can come in many forms, from nation states, to home grown extremists, to activists, to cyber criminals. Whoever the adversary, we face an uphill battle as we leverage an increasing amount of remote and automated technologies that help us to do our jobs more efficiently and reliably. Demonstrating this challenge, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has reported that the energy sector accounted for 20 percent of total reported incidents in 2016.[1] The increased deployment of automated technologies must also come with the appropriate cybersecurity controls to help ensure that cyber adversaries are not successful in their ultimate goal. To that aim, we apply a portfolio of tools, policies, procedures and practices intended to make it harder for the adversaries to access critical cyber networks and cause harm.

Today, we demonstrate that we are not just a culture of safety. We are a culture of safety AND security. Last year, the AGA Board of Directors approved AGA’s Commitment to Cyber and Physical Security, articulating our collective goal to stand up against the growing and dynamic security threats that exist. This commitment outlines our voluntary actions to identify, protect, detect, respond, and recover from threats and attacks. While we plan to keep the adversaries out and prevent attacks, we also know that some battles may be lost in this ongoing war, and we also plan how we will quickly recover and continue to reliably deliver critical services to our customers. All these guiding principles are outlined in this commitment statement.

There are approximately 2.5 million miles of pipelines making up the natural gas transmission and distribution infrastructure in the United States.[2] AGA’s members own and operate 2.2 million miles of this infrastructure. The signed letters of commitment to security that AGA has received to date collectively represent 2 million — or 90 percent — of AGA mileage, illustrating our dedication to these voluntary security actions.

As we march forward and carry out the principles outlined in this industry commitment, we continue to ensure that security is integral to everything we do. The security challenge is one that cannot be taken with complacency, and natural gas utilities are up to the challenge as we proactively take steps to help ensure that natural gas delivery continues to be safe, reliable, and secure into the future. For more on our commitment, click here.

[1] https://ics-cert.us-cert.gov/sites/default/files/Annual_Reports/Year_in_Review_FY2016_Final_S508C.pdf

[2] Based on PHMSA Annual Report Data, April 2017

Posted in cybersecurity, safety | Leave a comment