After our first article on new job opportunities to come from the use of the Internet of Things and Big Data in oil and gas, here we look at how the oil and gas industry is set to employ further cybersecurity professionals as cyberattacks targeting the sector increase.
The increasing use of the Internet of Things and Big Data in oil and gas is bound to lead to further concerns about cybersecurity among companies that operate in the sector. Indeed, it is a problem that already plagues the industry. Several organizations focused on cybersecurity see the energy industry as being especially susceptible to cyberattacks.
The U.S. Department of Homeland Security (DHS) frequently highlights the energy sector as being the target of cybersecurity incidents. In 2015, DHS reported that of the 245 incidents reported to it by asset owners and industrial organizations during the previous year, 79 of these, about 32 percent, were reported by the energy sector. Another report, “Trend Micro’s Report on Cybersecurity and Critical Infrastructure in the Americas,” which was based on a survey conducted in 2015 of companies and government bodies in the Americas, found that 47 percent of energy organizations had experienced cyberattacks that attempted to delete or destroy their information.
DHS identifies the cyber threat coming from what it calls “sophisticated actors” (code for state-sponsored hacking) as well as hacktivists, insiders and criminals.
The oil and gas industry itself appears to be concerned about the threat. Ernst & Young stated in 2015 that 61 percent of oil and gas organizations surveyed believed they would be unlikely to be able to detect a sophisticated cyberattack. Only 13 percent thought that their information security function met their organizational needs.
PwC Inc. found that the number of security incidents detected by oil and gas firms consulted as part of its “Global State of Information Security Survey 2016” increased by 93 percent last year. The business consultancy also said that oil and gas respondents planned to increase their information security budgets by 10 percent in 2015. While oil and gas firms are currently concerned about the theft of “hard” intellectual property like exploration data, drilling technologies and refinery processes, they are also mindful that the development of the Internet of Things will likely expand cybersecurity risks.
Job Opportunities: Cybersecurity Specialists, Security Engineers
In this new world of huge numbers of connected machines and devices in the oil patch, the oil and gas industry is looking for cybersecurity professionals whose experience goes beyond traditional IT security. They must also be able to work with operational technology such as SCADA (Supervisory Control and Data Acquisition) and other industrial control systems. These workers to understand that any node in a network can be an opportunity for a cyber-miscreant, which is why many cybersecurity professionals sought by the oil and gas industry have a military, law enforcement or intelligence background.
Oil and gas companies want cybersecurity professionals with experience working in an industrial environment. Jobs advertised mention antivirus solutions experience on platforms such as McAfee and Symantec database administration, network/device configuration and firewall administration. But companies also need people who can work with SCADA protocols and who have knowledge of field area network architectures for transmission and distribution and automation.
Typically, candidates will have at least a bachelor’s degree in computer science, computer information systems or electronic engineering.