To main content

An Empirical Study of CERT Capacity in the North Sea

Abstract

This paper documents the results of an empirical study of cyber incident response readiness in the Norwegian
petroleum industry. The study addressed the Computer Emergency Response Team (CERT) capacity among various actors in the industry in handling critical cybersecurity incidents in industrial control and safety systems, with a focus on Operational Technology (OT) systems. The paper presents results from interviews with personnel in petroleum companies as well as interviews with national and international CERT actors. The informants in the petroleum industry are relatively satisfied with their own CERT capacity today, but it is acknowledged that one can always improve. Oil and gas companies and drilling companies share information and experience in various (virtual) meeting places and forums organized by external actors, but there is little focus,
especially among the smaller companies, on systematic sharing of information and experiences of cyber incidents. There is a strong need for coordinating and harmonizing cybersecurity in IT and OT systems, as there are significant differences in terminology, maturity of technical solutions and culture today. CERT actors pointed out a need for better communication and contact between CERT actors and key persons within the companies, something that could be accomplished with the establishment of a petroleum sector Information Sharing and Analysis Centre (ISAC).

Category

Academic chapter/article/Conference paper

Language

English

Author(s)

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security
  • Norwegian University of Science and Technology

Year

2020

Publisher

IEEE conference proceedings

Book

Cyber Science 2020 - Advancing a Multidisciplinary Approach to Cyber Security

ISBN

978-0-9932338-5-2

Page(s)

6 - 13

View this publication at Cristin