Cyberattacks: ‘The danger is clear, present, and constant’
At Global Cybersecurity Forum in Riyadh, CEO warns that cybercriminals could plunge the world into chaos.
Cyber attackers could plunge the world into “complete chaos” with the energy industry a prime target for their focus, Aramco’s president and CEO, Amin Nasser, has warned.
Nasser was in Riyadh addressing the two-day Global Cybersecurity Forum, a conference that drew together international government and business experts to explore the current and anticipated cybersecurity landscape.
Cyber resilience will continue to be an “extremely high priority” for Aramco as a leading supplier of global energy, said Nasser, as he delivered opening day keynote remarks ahead of a panel session titled “Keeping the Lights On.”
Nasser said increased vigilance and collaboration within the industry was necessary for its nexus of supply chains to combat an ever-evolving threat.
“After all, there are very few industries … if any … that play such a significant role in every single aspect of the daily lives of billions of people around the world,” Nasser said.
Keeping the lights on
“From keeping the lights on … to actually protecting the world from complete chaos.
“In fact, the energy industry’s importance cannot be overstated.”
The energy industry has, and will continue to be a “favored target” for attackers ranging from criminal gangs to terrorists bent on inflicting damage to critical infrastructure.
The danger for us is clear, present, and constant.
— Amin Nasser
“Now, clearly the energy industry has an obvious vulnerability.
“Namely, the sector’s dependency on legacy systems, many of which were built long before cyberattacks were ever considered a risk.”
Convergence of information
“And our industry’s shift toward digitalization is leading to a growing convergence of information and operational technologies … something that also increases the potential danger of crippling cyberattacks.”
This convergence, Nasser added, enables cyber attackers to move laterally within organizations, a development, he said, that posed serious implications and challenges.
And, with a “complex ecosystem” within the energy industry, the president and CEO said that it is vital to build cyber resilience among service providers throughout complex supply chains.
He urged business partners, suppliers, and service providers to adopt robust cybersecurity standards, and to collaborate to boost the defenses of the industry.
“We all need to urgently increase collaboration. Across borders. Across industries. Across the public and private sectors.
“Aramco, for our part, is an active member of global platforms and organizations that are bringing together multiple stakeholders to tackle cyber threats.”
Global cyber resilience
Nasser pointed to Aramco’s role as a founding partner of the World Economic Forum’s Center for Cybersecurity, and that through this and other partnerships, the company is encouraging the adoption of best practices and principles for cyber resilience globally.
In the Kingdom, Nasser added, Aramco has also recently partnered with the National Cybersecurity Authority (NCA), joining as a founding member of its Center of Excellence.
“This initiative by the NCA will help shape the global cybersecurity ecosystem, providing common standards and advancing R&D.
“Simply put, cyber resilience is and will continue to be an extremely high priority at Aramco as cyberattacks are among our top corporate risks.
“As such, we see a cyber aware culture across our organization and the entire ecosystem as essential,” Nasser said.
Cybersecurity a ‘critical area’
Cybersecurity will be added as one of the select categories of Aramco’s President’s Excellence Awards this year.
“This means we now rank cybersecurity on par with other critical areas such as safety, operational excellence, and environmental excellence,” said Nasser.
“We take it so seriously because the Kingdom’s energy and chemical products go to almost every corner of the world.”
Nasser concluded on a cautionary note.
“We must never forget that cyber attackers really only need to be successful once to cause major damage, while to prevent such, we on the other hand, must be successful every single time.”
Caption for top photo: During the forum, Amin Nasser urged attendees to collaborate and adopt robust cybersecurity standards.