Cyber Security Fundamentals for Oil and Gas Professionals
September 11-12, 2024 | Online :: Central Time
The EUCI Cyber Security Fundamentals for Oil and Gas Professionals course is designed to provide oil and gas professionals with a fundamental understanding of cyber security, including:
- Threats
- Vulnerabilities
- Risks unique to the industry
Participants will learn how to identify, assess, and mitigate cyber security risks in upstream, midstream, and downstream operations. Join the EUCI Cyber Security Fundamentals for Oil and Gas course to gain insights on IT and OT networks, oil and gas industry standards and regulations (e.g., NIST, IEC 62443, ISO 27001), TSA Security Directives for critical pipeline operators, and more.
Course Learning Outcomes
- Identify the unique vulnerabilities of oil and gas systems and how they can be exploited by attackers
- Identify and assess cyber security risks in an oil and gas environment
- Review the differences between IT and OT networks and the unique challenges of securing OT networks
- Identify relevant industry standards and regulations (e.g., NIST, IEC 62443, ISO 27001) and apply them to oil and gas cyber security
- Review TSA Security Directives for critical pipeline operators
- Discuss the risk management process and how it applies to cyber security
- Develop and implement a comprehensive cyber security program for an oil and gas company
- Explain the importance of employee training and awareness in maintaining cyber security
- Recognize the key components of incident response and business continuity planning
Wednesday, September 11, 2024 : Central Time
8:45 – 9:00 a.m.
Log In and Welcome
12:00 – 12:30 p.m.
Lunch Break
9:00 a.m. – 4:00 p.m.
Course Timing
Introduction to Cyber Security in the Oil and Gas Industry
- Current cyber security landscape and its impact on the oil and gas industry
- Upstream exploration and production facilities
- Midstream transportation and storage infrastructure
- Downstream refining and petrochemical facilities
- Renewable energy facilities
- Natural gas processing facilities
- Control systems and industrial automation networks
- Anatomy of Colonial Pipeline attack
- Differences between IT and OT networks
- Securing OT networks
- Standards and regulations
- NIST
- IEC 62443
- ISO 27001
- Risk management process and how it applies to cyber security
Cyber Threats and Vulnerabilities in the Oil and Gas Industry
- Common cyber threats and attack vectors in the oil and gas industry
- Ransomware
- Phishing
- Advanced persistent threats
- Insider threats
- Vulnerabilities of oil and gas systems
- Legacy systems
- Remote locations
- Supply chain risks
- Security controls and their effectiveness in mitigating cyber risks
- Physical ramifications
- Production disruption
- Equipment failure
- Environmental damage
- Hands-on exercises to identify and assess cyber security risks in a simulated oil and gas environment
Thursday, September 12, 2024 : Central Time
8:45 – 9:00 a.m.
Log In
9:00 a.m. – 12:00 p.m.
Course Timing
Best Practices for Cyber Security in the Oil and Gas Industry
- Best practices for securing IT and OT networks in the oil and gas industry
- Employee training and awareness in maintaining cyber security
- Incident response
- Business continuity planning
- Hands-on exercises to develop a cyber security plan for an oil and gas company
Gurdeep Kaur, Managing Director and Chief Information Security Officer, PSEG
Gurdeep Kaur has over 20 years of core experience in cyber security that spans across multiple sectors including telecom, financial, healthcare and energy.
In her current role as the Managing Director and Chief Information Security Officer at PSEG, she is responsible for managing the cyber security, risk, and compliance function across Information Technology and Operational Technology. Her areas of expertise include enterprise security strategic planning and execution, industry-standard security architecture, and security audit management of technology environments in oil, gas, and electric sectors.
She served as the founder-president of the (ISC)² New Jersey Chapter, chair of (ISC)² North American Advisory Council and member of Cloud Security Alliance (CSA) Global Enterprise Advisory Board. She is the cofounder of “StepUpSkill”, a not-for-profit organization focused on initiatives to address the shortage of cyber workforce.
She received a bachelor’s degree in electrical engineering from Delhi College of Engineering in New Delhi, India. She holds multiple security certifications including CISSP-ISSAP, CISA and CCSK.
We will be using Microsoft Teams to facilitate your participation in the upcoming event. You do not need to have an existing Teams account in order to participate in the broadcast – the course will play in your browser and you will have the option of using a microphone to speak with the room and ask questions, or type any questions in via the chat window and our on-site representative will relay your question to the instructor.
- Microsoft recommends downloading and installing the Teams app if possible. You may also use the Edge browser or Chrome.
- You will receive a separate email with a unique link to a personalized landing page which will include links to join all sessions of this event.
- If you are using a microphone, please ensure that it is muted until such time as you need to ask a question.
- The remote meeting connection will be open approximately 30 minutes before the start of the course. We encourage you to connect as early as possible in case you experience any unforeseen problems.
Please Note: This event is being conducted entirely online. All attendees will connect and attend from their computer, one connection per purchase. For details please see our FAQ
If you are unable to attend at the scheduled date and time, we make recordings available to all attendees for 7 days after the event
REGISTER NOW FOR THIS EVENT:
Cyber Security Fundamentals for Oil and Gas Professionals
September 11-12, 2024 | Online
Individual attendee(s) - $ 1195.00 each | |
Volume pricing also availableIndividual attendee tickets can be mixed with ticket packs for complete flexibility |
|
Pack of 5 attendees - $ 4,780.00 (20% discount) | |
Pack of 10 attendees - $ 8,365.00 (30% discount) | |
Pack of 20 attendees - $ 14,340.00 (40% discount) | |
Your registration may be transferred to a member of your organization up to 24 hours in advance of the event. Cancellations must be received on or before August 08, 2024 in order to be refunded and will be subject to a US $195.00 processing fee per registrant. No refunds will be made after this date. Cancellations received after this date will create a credit of the tuition (less processing fee) good toward any other EUCI event. This credit will be good for six months from the cancellation date. In the event of non-attendance, all registration fees will be forfeited. In case of conference cancellation, EUCIs liability is limited to refund of the event registration fee only. For more information regarding administrative policies, such as complaints and refunds, please contact our offices at 303-770-8800
Credits
EUCI is accredited by the International Accreditors for Continuing Education and Training (IACET) and offers IACET CEUs for its learning events that comply with the ANSI/IACET Continuing Education and Training Standard. IACET is recognized internationally as a standard development organization and accrediting body that promotes quality of continuing education and training.
EUCI is authorized by IACET to offer 1.0 CEUs for this event.
Verify our IACET accreditation
Requirements for Successful Completion of Program
Participants must log in each day and be in attendance for the entirety of the conference to be eligible for continuing education credit.
Instructional Methods
PowerPoint presentations, panel discussions and case studies will be used for this conference. We will also use hands-on exercises through simulation programming.
Upon successful completion of this event, program participants interested in receiving CPE credits will receive a certificate of completion.
Course CPE Credits: 11.0
There is no prerequisite for this Course.
Program field of study: Specialized Knowledge
Program Level: Basic
Delivery Method: Group Internet Based
Advanced Preparation: None
EUCI is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org
Who Should Attend
- Chief Information Security Officer (CISO)
- Cybersecurity Manager
- IT Security Manager/Analyst
- Network Security Engineer
- OT Security Engineer
- Control Systems Security Analyst
- Risk Management Analyst
- Compliance Manager
- IT/OT Project Manager
- Information Security Officer
- Security Consultant
- Penetration Tester
- Incident Response Manager
- Business Continuity Manager
- Chief Information Officer (CIO)
- Chief Technology Officer (CTO)
- Operations Manager
- Plant Manager
- Production Manager