performing-oil-gas-cybersecurity-assessment

# Performing Oil & Gas Cybersecurity Assessment ## When to Use - When conducting a cybersecurity assessment of a refinery, pipeline, or production facility - When preparing for TSA Pipeline Security Directive compliance (SD-01, SD-02) - When assessing cybersecurity posture against API Standard 1164 (Pipeline SCADA Security) - When evaluating the security of remote wellhead SCADA systems and satellite communications - When a merger, acquisition, or regulatory audit requires a comprehensive OT security evaluation **Do not use** for IT-only corporate network assessments of oil and gas companies, for physical security assessments without a cyber component, or for environmental compliance assessments. ## Prerequisites - Written authorization from facility management and operations team - Understanding of oil and gas operations (upstream, midstream, downstream processes) - Familiarity with API 1164, TSA SD-01/SD-02, IEC 62443, and NIST CSF - Passive monitoring tools for OT network traffic capture - Access to network diagrams, SCADA architecture documentation, and safety studies (HAZOP) ## Workflow ### Step 1: Scope Assessment Based on Facility Type Oil and gas facilities have unique characteristics based on their operational segment that affect the assessment approach. ```yaml # Oil & Gas Cybersecurity Assessment Scope facility: name: "Gulf Coast Refinery" segment: "Downstream" capacity: "250,000 barrels per day" regulatory: ["TSA SD-02", "API 1164", "IEC 62443", "...