In the weeks that followed a ransomware attack on a domestic pipeline company, the federal government’s efforts to shore up the cybersecurity posture of America’s critical infrastructure and supply chains, including the oil and gas industry, have garnered increased attention.  Historically, the oil and gas sector has not been subject to mandatory cybersecurity regulations, but rather was encouraged to follow voluntary security guidelines that were initially published by the Transportation Security Administration (TSA) in 2011 and revised in 2018. Yet, the industry sector’s geographic size, number of operators/stakeholders within the sector, and its importance to the national economy make the oil and gas industry an attractive target for cyberattacks.

Each of these factors begs the question whether voluntary cybersecurity measures are sufficient to protect this critical infrastructure component? Based on the TSA’s decision to publish the very first Pipeline Security Directive (“Directive”) three weeks after Colonial Pipeline was victimized by a ransomware attack, the answer to this rhetorical question appears to be an emphatic “No.”
Continue Reading Is the TSA Security Directive A Harbinger of Oil and Gas Cybersecurity Regulations?

Leah Kaiser has written an article for The Contractor’s Perspective outlining the Department of Energy’s new initiative to protect electricity operations from increasing cyber threats to the energy industry.

DOE’s initiative outlines four primary areas of focus: (1) encouraging the implementation of measures that increase “detection, mitigation, and forensic capabilities; (2) setting “concrete milestones” designed

Bottom Line Up Front: The Department of Energy (DOE) will implement new cybersecurity programs to enhance energy sector resilience. DOE’s announcement coincides with the Senate Energy and Natural Resources Committee’s support for the DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER). Expect to see resilience to cyber attacks in future government procurement activities.

On March 18, 2021, CESER announced several new research programs designed to enhance the safety and resilience of the U.S. energy sector. The Trump administration established CESER to protect critical energy infrastructure by assisting oil, natural gas, and electricity industries secure their infrastructure. Currently, energy infrastructure faces threats not only from climate and natural hazards, but also evolving and increasing physical and cyber threats.
Continue Reading White House and Congress Support Improved Cyber Resilience in the Energy Sector

Lawmakers of the 86th Texas Legislature passed several bills in regular session related to storage and cybersecurity, as well as a bill extending the expiration of a Chapter 312 tax abatement program that benefits renewable energy. These energy-related bills passed by the Texas Legislature are discussed below, as are notable bills that failed to gain traction this session.

Continue Reading Bills Related to Storage and Cybersecurity and Other Energy Issues Signed into Law After Close of 86th Texas Legislature’s Regular Session

By the time the March 8, 2019 bill filing deadline for the 86th Texas Legislature passed, many bills concerning the electric industry had been filed. Storage, cybersecurity of the electric grid, and capital project tax abatements are among the energy issues Texas lawmakers are considering. This reviews the major filed bills before the current Texas Legislature.

Continue Reading 86th Texas Legislature to Consider Bills Concerning Cybersecurity and Storage, Among Other Electric Industry Issues

On August 2, President Trump signed new legislation which will impose new sanctions on Arctic offshore, deepwater or shale oil drilling projects which are partially owned by certain sanctioned Russian energy companies.  Previously, these sanctions only applied if the sanctioned Russian companies owned greater than a 50% ownership interest in the project and if the