Policy

Global oil and gas companies join pledge for cyber resilience

More than a dozen global companies in the oil and gas industry are uniting for the first time to promote cyber resilience amid growing cyber threats.

The energy companies announced their commitment on Wednesday at the annual global conference of the World Economic Forum (WEF) in Davos, Switzerland.

The pledge aims to encourage global firms to collaborate and take collective steps to strengthen cyber resilience across the industry. The initiative was led by the WEF’s cyber resilience in oil and gas initiative, which seeks to incentivize the oil and gas industry to adopt cyber resilience practices.

“The Cyber Resilience Pledge is a landmark step as it signals recognition of the complexities of building a cyber-resilient industry ecosystem and a commitment towards collective action to achieve it,” said Alexander Klimburg, head of cybersecurity at the WEF.

The energy corporations participating in the pledge include Galp, Petronas, Occidental Petroleum and Aker BP.


Organizers behind the pledge said the initiative is in response to major cyber breaches that occurred in the past two years, highlighting the vulnerabilities of critical sectors. 

In 2020, Russian state-sponsored hackers exploited the vulnerabilities in software updates from tech company SolarWinds. The hackers were then able to penetrate the networks of nine federal agencies and at least 100 private sector organizations for nearly a year. 

The following year, Colonial Pipeline was hit by a destructive ransomware attack, forcing it to shut down for nearly a week. The incident caused gas shortages in several states as fuel prices spiked. 

The U.S. federal government and the private sector have since made major investment in cybersecurity, including passing legislation to address cyber vulnerabilities.

“The oil and gas industry is going through a digital revolution that has been a catalyst to the energy transition and sustainability,” said Felipe Bayón, CEO of Ecopetrol, the largest oil and gas corporation in Colombia. 

“Cyber resilience is key in this revolution, as staying ahead of vulnerabilities is fundamental to our business,” he added. 

The pledge follows another leadership initiative led by senior cyber coordinators from NATO who held their first meeting in Brussels last week. The coordinators met to discuss the cyber threat landscape following Russia’s invasion of Ukraine. 

“As the world deepens its digital footprint, cyber threats are becoming more sophisticated,” said Amin Nasser, CEO of Saudi Aramco, a Saudi Arabian public petroleum and natural gas company that also participated in the pledge. 

“But one company, working alone, is effectively like locking the front gate while leaving the back door wide open,” he added.