Skip to content
MarketScale
‹ Back to IndustriesEnergy

Defense In-Depth: Cybersecurity For Energy

Despite ongoing threats and a massive wake-up call in 2021, the oil and gas industry doesn’t appear to be ready for the increasingly dangerous cybersecurity threats present in the world. The Colonial Pipeline ransom attack in June 2021 cost the company $5 million in ransom, created supply chain shortages, and fueled price hikes while causing…

This story was produced through MarketScale. See how Energy teams put it to work with Customer Stories & Case Studies.

Share

Despite ongoing threats and a massive wake-up call in 2021, the oil and gas industry doesn’t appear to be ready for the increasingly dangerous cybersecurity threats present in the world. The Colonial Pipeline ransom attack in June 2021 cost the company $5 million in ransom, created supply chain shortages, and fueled price hikes while causing market uncertainty.

And with a lack of cybersecurity standards at the federal level, the oil and gas industry is vulnerable to future incidents. A recent bill hopes to address cybersecurity protection measures by requesting that the Federal Energy Regulatory Commission (FERC) create mandatory cybersecurity standards for the power, utility, and energy sectors

Even while this is taking place, the sector cannot sit idly by while waiting for federal standards to materialize. E2B: Energy to Business host Daniel J. Litwin spoke with Glenn Hartfiel, Principal, and Geoff Yut, Consultant, in Opportune LLP’s Process & Technology practice about current best practices to create and implement better cybersecurity solutions and strategies.

Yut explains, that as a baseline, it was difficult to predict what an organization doesn’t know might already be lurking in its network. He recommended that routine assessment of one’s attack surface and evaluating cyber risk exposure through third-party connections or vendors is critical.

“I think it’s important to remember that firms can’t protect what they don’t know that they have,” Yut says. “So, it’s important to regularly assess your attack surface and evaluate your exposure to cyber risk through those third-party connections or vendors.”

Hartfiel mentions there are some things companies can do on their own to mitigate their risk of a cyberattack such as implementing multifactor authentication, geo-blocking IP addresses outside of the U.S., installing malware scanners, and giving permission to select people within the organization who are trusted with access. The other big piece of advice that Hartfiel finds himself stressing to energy clients and the industry is educating people on best practices of cybersecurity.

“That is the biggest one that I stress is educate your users not to open attachments,” Hartfiel says. “They don’t know who they came from, right? That’s the weakest link in any company…to have somebody open up an email and then click on something and they have a rootkit installed or a malware virus that then can go out and attack the whole network.”

The age-old phrase “go big or go home” is why oil and gas and other energy-related industries become targets of hackers. These attacks make big headlines and can result in huge paydays. They can also create widespread panic if a grid goes down or a pipeline operation shudders. And when it comes to making the proper cybersecurity modifications and ensuring infrastructure is sound and up to date to handle such operational risks, there are no shortcuts.

“It takes at least 12 months to do upgrades and not cause any major impacts,” Hartfiel says.

The process is something that will likely need budgeting over some time. But since hackers wait for no one, the time for companies to strengthen their cybersecurity measures to make it harder for the next cyberattack is now.  

Energy: are you visible to AI?

Before they reach out, Energy buyers ask AI engines which vendors to trust. See how AI describes your company today, and where competitors show up instead.

Free workspace

You just read one expert. Imagine publishing your whole team.

This article was produced through MarketScale. Create a free workspace and turn your own team's expertise into articles, video, and social posts. No credit card, no demo required.

NPS +73 · 1,000+ creators · 38+ countries

What you get, free

Your own MarketScale Studio workspace
One video edit a month, on us
AI writing, editing, and publishing tools
In-platform coaching to learn the system

More Energy Insights

$1.1 trillion in grid investment and AI data centers still face decade-long connection waits

$1.1 trillion in grid investment and AI data centers still face decade-long connection waits

The energy sector is planning significant investments in grid infrastructure, with $208 billion allocated for 2025 alone. Despite such investments, data centers in regions like Northern Virginia still face prolonged waits, sometimes extending up to 14 years, for grid connections. This highlights a disconnect between planned investments and actual implementation efficiency.

  • 01$208 billion planned for grid spending in 2025.
  • 02Data centers in Northern Virginia face up to 14-year waits for connections.
  • 03Infrastructure investment isn't translating into immediate capacity improvements.

Jul 13, 2026

Barbados energy transition stalls between dominant incumbents and alternative pathways, study finds

Barbados energy transition stalls between dominant incumbents and alternative pathways, study finds

A 2026 academic study highlights the barriers to energy transition in Barbados, where a fossil-fuel-dependent system struggles to adapt. The study examines the existing power structure and technologies that could facilitate a shift towards sustainable energy. The findings indicate a conflict between entrenched incumbents and emerging alternative energy pathways.

  • 01Barbados's energy system remains heavily reliant on fossil fuels.
  • 02Incumbent energy providers resist transitioning to sustainable options.
  • 03The study identifies technologies that could help transition movement.

Jul 13, 2026

Retail energy markets face a wave of regulatory and structural shifts across Pennsylvania, Massachusetts, Texas, and D.C.

Retail energy markets face a wave of regulatory and structural shifts across Pennsylvania, Massachusetts, Texas, and D.C.

The retail energy markets in the U.S. are undergoing significant regulatory and structural changes in various states, including Pennsylvania, Massachusetts, Texas, and Washington, D.C. These changes impact energy supplier operations, involving new credit rules, municipal powers, demand response adjustments, and rate cap debates. The evolving landscape presents both challenges and opportunities for energy companies navigating these shifts.

  • 01New credit rules are being implemented by PPL Electric.
  • 02Massachusetts municipalities are gaining opt-out powers.
  • 03Texas is adjusting its demand response strategies.

Jul 13, 2026

Explore More Energy Insights

Read more expert perspectives from across Energy.

Browse Energy Hub

For B2B teams

Your experts could be publishing here

Stories like this one run on content MarketScale captures from real practitioners. See how your team's expertise becomes coverage in Energy and beyond.

Book a 15-minute demo

Or call us. No forms required. We pick up. 214-945-2512