Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner.

Oil and gas sector procurement fuels need for cyber defence

Austen Clark - Clark IT
Austen Clark - Clark IT

As the oil and gas sector depends on contractors as part of the supply chain, a rising wave of global cyberattacks raises the question – how seriously do suppliers take cybersecurity?

With the energy sector becoming increasingly dependent on digitisation, through the explosion of Artificial Intelligence and the Internet of Things, so too does it become more vulnerable to cybercrime.

Damage caused by cyberattacks is vast, making the need for robust defences to beat the growing menace of hacks essential.

While your own business may have cybersecurity training and strategies in place, it’s just as important that those tendering to work with you can evidence their own level of cyber health, says Austen Clark, managing director of Clark Integrated Technologies in Aberdeenshire.

He said: “Energy companies face significant cybersecurity threats, and hackers are always looking out for the weakest chinks in an organisation’s defence wall. That might be through a third party you do business with. So you may have strong policies and procedures to protect your own organisation, but what about your suppliers? Can they evidence their cyber security?

“Computer hackers break into systems to steal, change or destroy information. They are smart and their tactics are changing. They will look for vulnerabilities, and wherever they find them they will exploit them.”

The Scottish Government is at the forefront of efforts to raise the bar on supply chain cyber security.

Mr Clark advises businesses seeking to gain work through the procurement tending process to demonstrate their commitment to cyber resilience by seeking a recognised accreditation.

Mr Clark said: “As part of the tightening of supply chain cyber security, contractors that fail to meet minimum requirements may be ruled out of the bidding process.

“Being out of the procurement process means lost opportunities, and a loss in revenue streams which could have far-reaching implications for SMEs of all kinds, from building trades to hotels, taxi operators to cleaning contractors.

“The ability to evidence a defined knowledge, understanding and commitment to cyber security is not only applicable in the public sector, but is increasingly embedded in in the wider business landscape.

“This is not without reason. Setting standards on digital security is an effective way to minimise the impact of the rising tide of hack attacks. It’s essential to business resilience and more commercial operators are seeking similar safeguards from their suppliers.

“In a climate of increasing cyber threats, supply chains can be an easy route to attack larger organisations. At its core, these measures are being put in place to raise awareness and enhance cyber resilience. It’s critical for SMEs to evidence that they have high regard for cyber and trade securely, regardless of size or sector.”

Cyberattacks cost the UK economy £8.8 billion, and are a growing concern for small businesses everywhere, with nearly a quarter of those recently surveyed saying they had been affected by an attack in the past year. Almost a quarter said they couldn’t survive for more than a month if unable to trade following an incident.

The Scottish Government has a scheme in place for SMEs and sole traders to access up to £1,000 to help improve their digital security by obtaining Cyber Essentials certification, which can help protect against many internet-borne attacks.

Mr Clark added: “It’s a must for any firm wishing to tender for business. This certificate is critical, even if digital services are not core to your business operation.

“Anyone can play lip service to cybersecurity, but what counts is endorsed accreditation. With the government-funded voucher scheme, it’s a chance to tap into a funding stream and gain a certificate which will help future-proof your business.

“Applications for this scheme remain open until March, or until the funding pot dries up, so I’d strongly advise businesses to take advantage right away.”

The Scottish Enterprise Voucher Scheme is available on a first come, first served basis and applications close in March 2020.

Recommended for you

More from Energy Voice

Latest Posts