Note: Is Cyber TSCM part of your organizations Cybersecurity program? No? Never heard of Cyber TSCM? Then you already have a gaping hole in your organizations risk management program. Contact us we can help ~JDL
Cybersecurity concerns with our critical infrastructures are well known. In recent years, the
Department of Homeland Security (DHS) and other authorities have encouraged critical infrastructure owners and operators to take steps to ensure cybersecurity for both their business and critical control system assets.
American Petroleum Institute (API) was ahead of the game when, in October 2004, it issued API 1164, a voluntary industry standard specific to supervisory control and data acquisition (SCADA) systems designed to improve security within the oil and gas pipeline industry.
Most pipeline utilities have a security program implemented already, but in the changing landscape of attack threats and methodologies, the key question remains: Are current efforts enough? Cybersecurity risks to control systems range from pervasive malware designed by organized crime syndicates to insider threats and sophisticated, targeted attacks.
Information technology (IT) security teams are focused on preventing information theft: credit card numbers, contract details and intellectual property, for example.