However, oil and gas typically forms part of the host nation’s critical national infrastructure (CNI). This means it is attractive to both cyber crime and cyber espionage.
Secondly, oil and gas have complex ecosystems consisting of heavy onshore and offshore assets, processing facilities, systems, networks and processes; yet the increasing desire to improve efficiency and cost to improve production and profit is driving digital transformation. This results in an increase in the attack surface area and exposes legacy systems never designed with security in mind, nor intended to be connected to the internet.
Thirdly, there is an increasing trend toward cyber attacks against industrial control systems (ICS) and operational technology (OT).