{"id":1706,"date":"2020-03-18T18:37:43","date_gmt":"2020-03-18T18:37:43","guid":{"rendered":"http:\/\/72.52.228.46\/~itegriti\/?p=1706"},"modified":"2021-04-12T05:17:09","modified_gmt":"2021-04-12T05:17:09","slug":"securing-oil-natural-gas-pipelines","status":"publish","type":"post","link":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/","title":{"rendered":"Securing the Oil and Natural Gas Pipelines"},"content":{"rendered":"<div class=\"fusion-fullwidth fullwidth-box fusion-builder-row-1 nonhundred-percent-fullwidth non-hundred-percent-height-scrolling\" style=\"--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;\" ><div class=\"fusion-builder-row fusion-row\"><div class=\"fusion-layout-column fusion_builder_column fusion-builder-column-0 fusion_builder_column_1_1 1_1 fusion-one-full fusion-column-first fusion-column-last\" style=\"--awb-bg-size:cover;\"><div class=\"fusion-column-wrapper fusion-column-has-shadow fusion-flex-column-wrapper-legacy\"><div class=\"fusion-text fusion-text-1\"><p>According to a <a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/aa20-049a\" target=\"_blank\" rel=\"noopener noreferrer\">CISA security alert<\/a>, a ransomware attack has hit a natural gas compression facility in the U.S., resulting in a two-day pipeline shutdown as the unnamed victim worked to bring systems back online from backups.<\/p>\n<p>The attackers were able to penetrate the IT portion of the facility\u2019s network and then move beyond that to eventually infiltrate the control and communication assets on the operational technology (OT) side of the natural gas compression facility. This initial compromise to the IT network led to the cyber attacker deploying a \u201ccommodity ransomware\u201d to encrypt data on both the IT and the OT networks. The ability to pivot was thanks to a lack of network segmentation between the IT and the OT portions of the infrastructure, CISA <a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/aa20-049a\" target=\"_blank\" rel=\"noopener noreferrer\">said<\/a>.<\/p>\n<p>\u201cThe breach stemmed from a spearfishing link that first provided access to the IT network before allowing a pivot\u00a0to the OT network.\u00a0 This specific breach was avoidable,\u201d says Michael Sanchez, President at ITEGRITI. The CISA alert provides several operational as well as technical mitigation guides. \u201cThese mitigation measures are largely hygiene-control related and include network segmentation, MFA, backup, access management, anti-virus, and user training,\u201d notes Sanchez. \u201cCISA provided great guidance that should be applied across all critical infrastructure, and we further suggest that all organizations who want reliable and available systems follow suit,\u201d concludes Michael Sanchez.<\/p>\n<p>The above incident is a first-class opportunity to review what regulations dictate about pipeline security.<\/p>\n<\/div><div class=\"fusion-title title fusion-title-1 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>The API 1164 Standard<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-2\"><p>The overarching document in pipeline cybersecurity is American Petroleum Industry Standard 1164 (API 1164), titled \u201cPipeline SCADA Security\u201d. The first edition of the document was released in 2004, while the effective edition is the second from June 2009.<\/p>\n<p>The standard \u201cprovides guidance to the operators of oil and gas liquids pipeline systems for managing SCADA system integrity and security.\u201d The goal of the standard is to ensure that there are \u201cno adverse effects on employees, the environment, the public or the customers\u201d as a result of cyber-criminal activities. To achieve its goal, the primary objectives of the standard are to:<\/p>\n<ul>\n<li>Analyze vulnerabilities that can be further exploited<\/li>\n<li>List the processes to identify these system vulnerabilities<\/li>\n<li>Provide a list of best practices to harden the core architecture<\/li>\n<li>Provide examples of industry best practices<\/li>\n<\/ul>\n<\/div><div class=\"fusion-text fusion-text-3\"><p>According to API 1164, the first step to address system vulnerabilities is to develop \u201ca security management program with defined policies and procedures that complements the pipeline security plan.\u201d The security plan itself is centered on people, processes and technology. The management plan should include provisions for establishing a Business Continuity Plan (BCP) and an Incident Response Plan (IRP), developing a change management plan, restricting the installation and use of non-authorized software and applications, and having a vulnerability management program to address risks of applying patches and updates to real-time systems.<\/p>\n<p>On a technical level, the standard calls for implementing system access control procedures for user authentication and authorization. In addition, the document provides practices for achieving secure interconnectivity between the SCADA systems and other corporate business systems. The standard dictates the use of:<\/p>\n<ul>\n<li>Firewalls<\/li>\n<li>Demilitarized Zones (DMZ)<\/li>\n<li>Network management \/ visibility<\/li>\n<li>Network monitoring<\/li>\n<li>Network security using IDPS and file audit and control<\/li>\n<\/ul>\n<\/div><div class=\"fusion-text fusion-text-4\"><p>Finally, API 1164 provides guidance on developing procedures for data interchange between SCADA systems and business networks, between partners\u2019 SCADA systems, and to third parties for the provision of support.<\/p>\n<p>It is easily understood that the current version of the API 1164 standard is outdated. This fact has been acknowledged by the American Petroleum Industry in a joint report with the Oil and Natural Gas Subsector Coordinating Council (ONG SCC). The report, titled as \u00a0<a href=\"https:\/\/www.api.org\/news-policy-and-issues\/cybersecurity\/defense-in-depth-cybersecurity-in-the-natural-gas-and-oil-industry\" target=\"_blank\" rel=\"noopener noreferrer\">Defense-in-Depth: Cybersecurity in the Natural Gas and Oil Industry<\/a>, reads: \u201cAPI Standard 1164, is specific to pipeline cybersecurity. Subject matter experts from natural gas and oil companies, as well as cybersecurity vendors, are currently working to update API 1164 to make it complementary to the NIST CSF [Cybersecurity Framework] and other applicable cybersecurity standards, such as ISA\/IEC 62443 while still providing pipeline-specific cybersecurity guidance.\u201d<\/p>\n<p>The decision to update API 1164 stems from the fact that \u201cnatural gas and oil companies\u2019 assets are the targets of a growing number of increasingly sophisticated cyberattacks perpetrated by a variety of attackers including nation-states and organized international criminals.\u201d API and ONG SCC have jointly stated that \u201ccybersecurity is a top priority for the natural gas and oil industry,\u201d because these attacks or severe cyber incidents may result in \u201cenergy disruptions that can impact national security and public safety.\u201d<\/p>\n<p>Since cyberattacks are also \u201centerprise risks\u201d, oil and gas companies are willing to develop \u201ccomprehensive approaches to cybersecurity similar to industry\u2019s approach to managing safety: robust governance, systematic risk-based management, and multi-dimensional programs based on proven frameworks including the NIST Cybersecurity Framework (NIST CSF), best-in-class international cybersecurity standards including ISA\/IEC 62443,\u201d says the <a href=\"https:\/\/www.api.org\/~\/media\/Files\/Policy\/Cybersecurity\/2018\/Defense-in-Depth-Cybersecurity-in-the-Natural-Gas-and-Oil-Industry.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Defense-in-Depth report<\/a>.<\/p>\n<\/div><div class=\"fusion-title title fusion-title-2 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>Pipeline Cybersecurity Initiative<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-5\"><p>Acknowledging the importance of having <a href=\"https:\/\/www.dhs.gov\/news\/2018\/10\/03\/dhs-and-doe-meet-oil-and-natural-gas-sector-coordinating-council-announce-pipeline\" target=\"_blank\" rel=\"noopener noreferrer\">a strategic approach<\/a> to securing the oil and gas industry, the Oil and Natural Gas Subsector Coordinating Council (ONG SCC) and the Department of Homeland Security (DHS) decided to launch the <a href=\"https:\/\/www.cisa.gov\/pipeline-cybersecurity-initiative\" target=\"_blank\" rel=\"noopener noreferrer\">Pipeline Cybersecurity Initiative<\/a> \u201cin order to identify and mitigate vulnerabilities to the pipeline ecosystem.\u201d<\/p>\n<p>The initiative enables pipeline owners and operators to identify and mitigate potential vulnerabilities through assessments. These assessments will provide invaluable information on pipeline assets and can be used to \u201cfurther enhance long-term pipeline cybersecurity risk analysis, planning, and coordination efforts between the public and private sectors.\u201d<\/p>\n<\/div><div class=\"fusion-title title fusion-title-3 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>Pipeline Security Guidelines<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-6\"><p>As part of the Pipeline Cybersecurity Initiative, DHS Transportation Security Administration (TSA) released revised Pipeline Security Guidelines, which serve as the governance framework for the update of API 1164 standard. These guidelines are applicable to \u201coperational natural gas and hazardous liquid transmission pipeline systems, natural gas distribution pipeline systems, and liquefied natural gas facility operators.\u00a0 Additionally, they apply to operational pipeline systems that transport materials categorized as toxic inhalation hazards (TIH)\u201d.<\/p>\n<p>The guidelines call for a risk-based approach and asks pipeline operators to develop corporate security programs and plans. The security plan should be tailored to the operator\u2019s needs and appropriate to the risk environment. The security plan should:<\/p>\n<ul>\n<li>Assign roles and responsibilities<\/li>\n<li>Document policies and procedures for conducting criticality assessments, risk assessments, and security vulnerability assessments (SVAs)<\/li>\n<li>Be in harmony with other corporate plans, such as the business continuity plan and the incident response plan.<\/li>\n<\/ul>\n<\/div><div class=\"fusion-text fusion-text-7\"><p>Based on the risk assessment, pipeline operators should develop baseline and enhanced security measures. The baseline measures are to be applied at all pipeline cyber assets, while both baseline and enhanced measures must be applied to all critical pipeline cyber assets. \u201cPipeline cyber assets\u201d are OT systems such as control systems (SCADA, process control systems (PCS), distributed control systems (DCS)), measurement systems and telemetry systems. According to the guidelines, \u201ccritical pipeline cyber assets are OT systems that can control operations on the pipeline\u201d, while \u201cnon-critical pipeline cyber assets are OT systems that monitor operations on the pipeline.\u201d<\/p>\n<p>The TSA Pipeline Security Guidelines is the first approach to harmonize the actions required to mitigate cybersecurity challenges and vulnerabilities with the NIST Cybersecurity Framework. In fact, the guidelines suggest that \u201cto implement an effective cybersecurity strategy, pipeline operators should consider the approach outlined in the NIST Framework.\u201d Therefore, the cybersecurity guidelines are organized according to the NIST Cybersecurity Framework functions of Identify, Protect, Detect, Respond, and Recover.<\/p>\n<\/div><div class=\"fusion-title title fusion-title-4 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>Weaknesses In TSA Pipeline Security Program<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-8\"><p>In May 2019, the US Government Accountability Office (GAO) performed a study to identify any weaknesses in the TSA Pipeline Security Guidelines. According to the <a href=\"https:\/\/www.gao.gov\/products\/GAO-19-542T\" target=\"_blank\" rel=\"noopener noreferrer\">GAO report<\/a>, although the Department of Homeland Security&#8217;s (DHS) Transportation Security Administration (TSA) had revised its pipeline security guidelines to reflect changes in the threat environment and incorporate most of the principles and practices from the NIST Cybersecurity Framework, the revisions do not include all elements of the current NIST framework and TSA does not have a documented process for reviewing and revising its guidelines on a regular basis.<\/p>\n<p>In addition, TSA had failed to update the pipeline risk assessment to reflect current threats to the pipeline industry. Further, its sources of data and underlying assumptions and judgments regarding certain threat and vulnerability inputs are not fully documented.<\/p>\n<p>As a result, GAO has recommended for TSA to revise and document its pipeline security guidelines and to update the pipeline cyber risk assessment.<\/p>\n<\/div><div class=\"fusion-title title fusion-title-5 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>Updated API 1164: Works in Progress<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-9\"><p>As a result of the above recommendations and considerations, API 1164 is now being revised. The revised version 3 will be put in the ballot during Q1 2020 and will be fully harmonized with NIST Cybersecurity Framework and ISA\/IEC 62443 standard. The revised standard will cover all pipeline OT environments (SCADA, local controls and IIoT) for both oil and natural gas pipelines.<\/p>\n<p>According to <a href=\"https:\/\/www.sans.org\/cyber-security-summit\/archives\/file\/summit-archive-1568740368.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">a presentation<\/a> from SANS Cyber Security Summit, the new API 1164 will be a broad Oil and Natural Gas (ONG) industry consensus standard, marking a great improvement from the previous version which was of limited scope, applicability and enforcement. It will be a risk vs impact based standard, providing tailored industry guidance and covering the entire supply chain \u2013 operators, integrators and system technology.<\/p>\n<\/div><div class=\"fusion-title title fusion-title-6 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>Conclusion<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-10\"><p>More than 2.7 million miles of pipeline transport and distribute natural gas, oil, and other hazardous products throughout the United States. Interstate pipelines run through remote areas and highly populated urban areas and are vulnerable to accidents, operating errors, and malicious physical and cyber-based attacks or intrusion. Pipeline system disruptions could result in commodity price increases or widespread energy shortages.<\/p>\n<p>Under the auspices of DHS TSA, the ONG industry is about to witness the biggest revision in pipeline security guidelines of the decade. If you want to stay ahead of the news and be informed of the latest developments in ONG pipeline security, follow <a href=\"https:\/\/twitter.com\/itegriti\">ITEGRITI<\/a> or <a href=\"http:\/\/72.52.228.46\/~itegriti\/contact\/\">contact<\/a> the experts.<\/p>\n<\/div><div class=\"fusion-clearfix\"><\/div><\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":10,"featured_media":1707,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2179,13],"tags":[839],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.0 (Yoast SEO v23.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Securing the Oil and Natural Gas Pipelines: API 1164<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Securing the Oil and Natural Gas Pipelines\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\" \/>\n<meta property=\"og:site_name\" content=\"kw022024\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/itegriti\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-18T18:37:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-12T05:17:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Anastasios Arampatzis\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TassosAramp\" \/>\n<meta name=\"twitter:site\" content=\"@itegriti\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Anastasios Arampatzis\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\"},\"author\":{\"name\":\"Anastasios Arampatzis\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673\"},\"headline\":\"Securing the Oil and Natural Gas Pipelines\",\"datePublished\":\"2020-03-18T18:37:43+00:00\",\"dateModified\":\"2021-04-12T05:17:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\"},\"wordCount\":2372,\"publisher\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png\",\"keywords\":[\"8 Minute Read\"],\"articleSection\":[\"Compliance\",\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\",\"url\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\",\"name\":\"Securing the Oil and Natural Gas Pipelines: API 1164\",\"isPartOf\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png\",\"datePublished\":\"2020-03-18T18:37:43+00:00\",\"dateModified\":\"2021-04-12T05:17:09+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage\",\"url\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png\",\"contentUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png\",\"width\":800,\"height\":450,\"caption\":\"8 Tips for Communicating Cybersecurity to the Board\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itegriti.com\/kw022024\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Securing the Oil and Natural Gas Pipelines\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#website\",\"url\":\"https:\/\/itegriti.com\/kw022024\/\",\"name\":\"ITEGRITI\",\"description\":\"cybersecurity | compliance | managed services\",\"publisher\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itegriti.com\/kw022024\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\",\"name\":\"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services\",\"url\":\"https:\/\/itegriti.com\/kw022024\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png\",\"contentUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png\",\"width\":600,\"height\":100,\"caption\":\"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/itegriti\",\"https:\/\/x.com\/itegriti\",\"https:\/\/www.linkedin.com\/company\/itegriti\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673\",\"name\":\"Anastasios Arampatzis\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g\",\"caption\":\"Anastasios Arampatzis\"},\"description\":\"Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years\u2019 worth of experience in managing IT projects and evaluating cybersecurity. During his service in the Armed Forces, he was assigned to various key positions in national, NATO and EU headquarters and has been honoured by numerous high-ranking officers for his expertise and professionalism. He was nominated as a certified NATO evaluator for information security. Anastasios\u2019 interests include among others cybersecurity policy and governance, ICS and IoT security, encryption, and certificates management. He is also exploring the human side of cybersecurity - the psychology of security, public education, organizational training programs, and the effect of biases (cultural, heuristic and cognitive) in applying cybersecurity policies and integrating technology into learning. He is intrigued by new challenges, open-minded and flexible. Currently, he works as a cybersecurity content writer for Bora - IT Security Marketing. Tassos is a member of the non-profit organization Homo Digitalis.\",\"sameAs\":[\"http:\/\/www.welcometobora.com\",\"https:\/\/www.linkedin.com\/in\/anastasiosarampatzis\/\",\"https:\/\/x.com\/TassosAramp\"],\"url\":\"https:\/\/itegriti.com\/kw022024\/author\/anastasios-arampatiz\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Securing the Oil and Natural Gas Pipelines: API 1164","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/","og_locale":"en_US","og_type":"article","og_title":"Securing the Oil and Natural Gas Pipelines","og_url":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/","og_site_name":"kw022024","article_publisher":"https:\/\/www.facebook.com\/itegriti","article_published_time":"2020-03-18T18:37:43+00:00","article_modified_time":"2021-04-12T05:17:09+00:00","og_image":[{"width":800,"height":450,"url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png","type":"image\/png"}],"author":"Anastasios Arampatzis","twitter_card":"summary_large_image","twitter_creator":"@TassosAramp","twitter_site":"@itegriti","twitter_misc":{"Written by":"Anastasios Arampatzis","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#article","isPartOf":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/"},"author":{"name":"Anastasios Arampatzis","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673"},"headline":"Securing the Oil and Natural Gas Pipelines","datePublished":"2020-03-18T18:37:43+00:00","dateModified":"2021-04-12T05:17:09+00:00","mainEntityOfPage":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/"},"wordCount":2372,"publisher":{"@id":"https:\/\/itegriti.com\/kw022024\/#organization"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage"},"thumbnailUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png","keywords":["8 Minute Read"],"articleSection":["Compliance","Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/","url":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/","name":"Securing the Oil and Natural Gas Pipelines: API 1164","isPartOf":{"@id":"https:\/\/itegriti.com\/kw022024\/#website"},"primaryImageOfPage":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage"},"thumbnailUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png","datePublished":"2020-03-18T18:37:43+00:00","dateModified":"2021-04-12T05:17:09+00:00","breadcrumb":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#primaryimage","url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png","contentUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/Untitled-design-13.png","width":800,"height":450,"caption":"8 Tips for Communicating Cybersecurity to the Board"},{"@type":"BreadcrumbList","@id":"https:\/\/itegriti.com\/kw022024\/2020\/cybersecurity\/securing-oil-natural-gas-pipelines\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itegriti.com\/kw022024\/"},{"@type":"ListItem","position":2,"name":"Securing the Oil and Natural Gas Pipelines"}]},{"@type":"WebSite","@id":"https:\/\/itegriti.com\/kw022024\/#website","url":"https:\/\/itegriti.com\/kw022024\/","name":"ITEGRITI","description":"cybersecurity | compliance | managed services","publisher":{"@id":"https:\/\/itegriti.com\/kw022024\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itegriti.com\/kw022024\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/itegriti.com\/kw022024\/#organization","name":"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services","url":"https:\/\/itegriti.com\/kw022024\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/","url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png","contentUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png","width":600,"height":100,"caption":"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/itegriti","https:\/\/x.com\/itegriti","https:\/\/www.linkedin.com\/company\/itegriti\/"]},{"@type":"Person","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673","name":"Anastasios Arampatzis","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g","caption":"Anastasios Arampatzis"},"description":"Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years\u2019 worth of experience in managing IT projects and evaluating cybersecurity. During his service in the Armed Forces, he was assigned to various key positions in national, NATO and EU headquarters and has been honoured by numerous high-ranking officers for his expertise and professionalism. He was nominated as a certified NATO evaluator for information security. Anastasios\u2019 interests include among others cybersecurity policy and governance, ICS and IoT security, encryption, and certificates management. He is also exploring the human side of cybersecurity - the psychology of security, public education, organizational training programs, and the effect of biases (cultural, heuristic and cognitive) in applying cybersecurity policies and integrating technology into learning. He is intrigued by new challenges, open-minded and flexible. Currently, he works as a cybersecurity content writer for Bora - IT Security Marketing. Tassos is a member of the non-profit organization Homo Digitalis.","sameAs":["http:\/\/www.welcometobora.com","https:\/\/www.linkedin.com\/in\/anastasiosarampatzis\/","https:\/\/x.com\/TassosAramp"],"url":"https:\/\/itegriti.com\/kw022024\/author\/anastasios-arampatiz\/"}]}},"_links":{"self":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/1706"}],"collection":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/comments?post=1706"}],"version-history":[{"count":5,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/1706\/revisions"}],"predecessor-version":[{"id":2732,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/1706\/revisions\/2732"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/media\/1707"}],"wp:attachment":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/media?parent=1706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/categories?post=1706"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/tags?post=1706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}