Physical and cyber threats are real and unrelenting for all critical infrastructure. It is important that all natural gas distribution systems understand the threats they are facing and the associated mitigative actions that can be taken. Currently the oil and natural gas sector does not have regulatory requirements related to security. However, there are two important guidance documents or tools that have been developed to assist systems in ensuring their assets are protected.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework was developed as a presidential directive under the Obama Administration. It represents a year's worth of collaboration between private industry and the federal government. This voluntary framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security. It was recently updated in April 2018.
The Transportation Security Administration (TSA), Pipeline Division is the body of the federal government that has authority to regulate the natural gas distribution industry, but to date has not done so in favor of a collegial, collaborative relationship. The TSA Pipeline Security Guidelines, originally released in 2011 and recently updated in March 2018, provide a baseline for industry physical and cyber security. Natural gas distribution companies should endeavor to meet or exceed these guidelines.
APGA is also a member of the Downstream Natural Gas Information Sharing and Analysis Center (DNG ISAC). The DNG ISAC is an online platform that helps natural gas utilities share and access timely, accurate and relevant threat information. It is yet another too that can further enhance the security of natural gas utilities.
APGA will be hosting a webinar on June 18 to further familiarize APGA members with the cyber threats facing municipal gas systems and the associated mitigative actions that can be taken.
For questions on this article, please contact Erin Kurilla of APGA staff by phone at 202-905-2904 or by email at
ekurilla@apga.org.