Feb 23, 2018

Maintaining optimal security in the Oil, Gas and Energy Industries

Gavin Holme
5 min
Cyber-threats need to be secured against in the oil and gas industry
Security, both physical and cyber security, is a top priority for any organization, especially in light of the year-on-year rise in cybercrim...

Security, both physical and cyber security, is a top priority for any organization, especially in light of the year-on-year rise in cybercrime. However, for certain industries, not having the proper security measures in place can put more than just the company’s reputation on the line. The Oil, Gas, and Energy industries are prime examples of such verticals. There is high adoption of ICT and automation in the Energy, Oil and Gas industry, which has made their processes faster & leaner. However, it has also made them more susceptible to Cyber lead attack on the Physical and Industrial asset.

Cybersecurity in Energy, Oil and Gas Industry has seen very sophisticated attacks in recent years which led to the breach of corporate assets, public infrastructure, and safety paving way for disruption, loss of life, reputation loss, increase in the cost of energy, oil and gas prices.

Complex environments

The Oil, Gas and Energy sectors are reliant on complex networks of pipelines, power stations, power grids and refineries which include a number of valuable assets, some of which can be potentially dangerous if they fall in the wrong hands. From an Information Technology (IT) infrastructure point of view, the complexity only increases. Many of these networks and operations are IT driven; their processes, workflows and procedures dependant on IT systems in order to function and operate optimally.

Securing both physical infrastructure and protecting sensitive data is key.  Due to the complexity of these environments, security should be broken down into two components: traditional IT security and all it entails- coupled with industrial data, or cyber security. There is an overlap between the two, as industrial data is merged with IT data – information that is sensitive, highly confidential and must be protected at all costs.

The threats

The Oil, Gas and Energy industries are facing several threats .  Most Oil and Gas companies operate offshore in different countries for exploration, refining is known to us as Upstream and Midstream and hence are prone to attach from state and non-state actors operating in the region or globally. There is also a higher threat faced by these industries due to their reliance on the third party for a large portion of  work, given that  they work in remote locations . There is the enticement for terrorists and similar factions of disrupting, depleting or destroying the supply of critical government resources. Disruptions in Energy plants and its operations can sabotage critical Infrastructure functions like railways, airports, plant, smart cities, etc effecting the city, infrastructure and economy. 

Most Oil, Gas and Energy environments are fully digital or electronic today. From access control, to ventilation systems, to shaft lifts and pipeline shutdowns – virtually everything is automated. An attack on systems that control these processes can result in terrible disasters, such as trapped miners, loss of oxygen or gas explosions; all of which puts businesses and lives at risk. Protecting these systems becomes crucial to maintaining the integrity of an organisation.

Cyber security

The smarter organization gets with their technology adoption, security needs are heightened.  IT security measures are critical and need to cover all traditional bases. Everything from endpoint security to network and perimeter security, security within the data centres, advanced threat protection, Identity & Access Management, Application security, Security Intelligence & Monitoring of Operational Technology (OT), Internet of Things (IoT), SCADA and Industrial security along with IT.

These organizations should consider revisiting their investment in IP cameras; proper access controls which include biometrics, access permissions, ID validation and attendance verification systems; asset management systems, and much more. Ultimately, the security of an organisation is entirely dependent on how much it is willing to invest in top-to-bottom security measures – the higher the priority placed on security investments, the less risk for the business.

All of these measures should be implemented from a central point, for better management as well as to address compliance and regulatory requirements. There is a high level of risk and danger associated with these industries. Everything from health and safety practices, to transport and delivery compliances, to hazardous material handling and employee access rights must be factored into the security strategy. Managing these from a central point allows smoother transitioning between security functions, while giving security teams better track management and monitoring capabilities.

Also with high adaption of Internet of things organizations need to take their security and compliance into considerations. Apart from the Critical Infrastructure standard and specific industry standard for energy, oil and Gas like NIST, CIS, ISO27001/2, PCI DSS, IOT to have standard such as ISA, ISO, IEEE, Fieldbus, Ethernet to name a few.

Energy, Oil and Gas Industry have also formed consortiums forums for cyber security. Oil and Gas companies have formed forums since 2004 like Linking Oil and Gas Industry to Improve Cyber Security (LOGIIC),  a program undertaken by British Petroleum (BP), Shell, Total and Chevron for research and development in the field of cyber security. Similarly, Energy companies have formed a Forum for Incident Response and Security Team (FIRST) which is the coordination body for cyber incident response for Government and Private sectors in around 61 countries.

Although technology enabled, not all players in the Oil, Gas and Energy industries are abreast with implementation of technology.. Their focus is typically on delivering sustainable energy solutions to the government and private sectors, as safely as possible. Due to the complexities involved with compliancy, as well as the high level of technology and associated security risks, obtaining the services of a knowledgeable service provider can ensure that these organisations can focus on what they do best, while its assured that security is being prioritised by those with the experiences and skills to do so.

Organisations need to constantly review their cyber security plans and strategy in order to be prepared for any onslaught. Organisations in the Oil, Gas and Energy sectors should keep constant tabs on what is happening in the cyber-security and cyber-crime landscape – at all times. This will help them mitigate their risk and potentially avoid becoming targets.

Energy, Oil and Gas companies can leverage the insights and expertise of security service providers to ensure that they remain in the loop with current happenings. These partners are also able to help them to plan the best possible strategy which offers a 360° view of their security operations, in order to avoid common – and new – security pitfalls.

Gavin Holme is the Country Manager of Africa at Wipro Limited.

Share article

Jul 26, 2021

Form Energy receives funding power for iron-air batteries

Dominic Ellis
3 min
Startup Form Energy receives $200 million Series D financing round led by ArcelorMittal’s XCarb innovation fund to further develop iron-air batteries

Form Energy believes it has cracked the conundrum of commercialising grid storage through iron-air batteries - and some of the biggest names in industry are backing its potential.

The startup recently announced the battery chemistry of its first commercial product and a $200 million Series D financing round led by ArcelorMittal’s XCarb innovation fund. Founded in 2017, Form Energy is backed by investors Eni Next LLC, MIT’s The Engine, Breakthrough Energy Ventures, Prelude Ventures, Capricorn Investment Group and Macquarie Capital.

While solar and wind resources are the lowest marginal cost sources of electricity, the grid faces a challenge: how to manage the multi-day variability of renewable energy, even in periods of multi-day weather events, without sacrificing energy reliability or affordability.

Moreover, while Lithium-ion batteries are well suited to fast bursts of energy production, they run out of energy after just a few hours. Iron-air batteries, however, are predicted to have theoretical energy densities of more than 1,200 Wh/kg according to Renaissance of the iron-air battery (phys.org)

The active components of Form Energy's iron-air battery system are some of the cheapest, and most abundant materials: iron, water, and air. Iron-air batteries are the best solution to balance the multi-day variability of renewable energy due to their extremely low cost, safety, durability, and global scalability.

It claims its first commercial product is a rechargeable iron-air battery capable of delivering electricity for 100 hours at system costs competitive with conventional power plants and at less than 1/10th the cost of lithium-ion and can be optimised to store electricity for 100 hours at system costs competitive with legacy power plants.

"This product is our first step to tackling the biggest barrier to deep decarbonisation: making renewable energy available when and where it’s needed, even during multiple days of extreme weather, grid outages, or periods of low renewable generation," it states.

Mateo Jaramillo, CEO and Co-founder of Form Energy, said it conducted a broad review of available technologies and has reinvented the iron-air battery to optimise it for multi-day energy storage for the electric grid. "With this technology, we are tackling the biggest barrier to deep decarbonization: making renewable energy available when and where it’s needed, even during multiple days of extreme weather or grid outages," he said.

Form Energy and ArcelorMittal are working jointly on the development of iron materials which ArcelorMittal would non-exclusively supply for Form’s battery systems. Form Energy intends to source the iron domestically and manufacture the battery systems near where they will be sited. Form Energy’s first project is with Minnesota-based utility Great River Energy, located near the heart of the American Iron Range.

Greg Ludkovsky, Global Head of Research and Development at ArcelorMittal, believes Form Energy is at the leading edge of developments in the long-duration, grid-scale battery storage space. "The multi-day energy storage technology they have developed holds exciting potential to overcome the issue of intermittent supply of renewable energy."

Investors in Form Energy's November 2020 round included Energy Impact Partners, NGP Energy Technology Partners III, and Temasek.

In May 2020, it signed a contract with Minnesota-based utility Great River Energy to jointly deploy a 1MW / 150MWh pilot project to be located in Cambridge, MN. Great River Energy is Minnesota's second-largest electric utility and the fifth largest generation and transmission cooperative in the US.

Last week Helena and Energy Vault announced a strategic partnership to identify additional opportunities for Energy Vault’s waste remediation technologies as the company begins deployment of its energy storage system worldwide. It received new investment from Saudi Aramco Energy Ventures (SAEV) in June.

Maoneng has revealed more details of its proposed 240MWp / 480MWh Battery Energy Storage System (BESS) on Victoria’s Mornington Peninsula in Australia (click here).

The BESS represents hundreds of millions of dollars of investment that will improve electricity grid reliability and network stability by drawing energy from the grid during off-peak periods for battery storage, and dispatching energy to the grid during peak periods. 

Share article