GAO: Little action done to address cyber gaps in offshore energy infrastructure

Not much has been done by the Department of Interiors Bureau of Safety and Environmental Enforcement to address cybersecurity risks facing more than 1,600 offshore oil and gas facilities across the U.S., reports CyberScoop. The Government Accountability Office reported that the BSEE has failed to act upon plans to deal with cybersecurity risks in offshore oil and gas facilities in 2015 and 2020, and while the agency has proposed a "foundational cybersecurity capability" for the sector and enlisted a cybersecurity specialist in May, the program has been put on hold as to better prepare the hired specialist. "BSEE should immediately develop and implement a strategy to address offshore infrastructure risks," said the GAO, which added that the BSEE agreed with the watchdog's findings and recommendations. Nozomi Networks Director of Cybersecurity Strategy Chris Grove suggested reconsidering offshore oil and gas oversight under BSEE. "Its not their core competency and this is an extremely difficult and challenging cybersecurity problems to solve one of the biggest out there. Anyone thats trying to solve that is going to be facing an uphill battle," Grove added.