Woodside drives to 'demystify' cybersecurity in operations

Woodside Energy is beefing out a newly established “operational technology” team of engineers and IT staff whose early focus is on augmenting cybersecurity controls.

The new team, which was set up in the wake of a 2015 review of Woodside’s control and computer systems, has appointed Scott Marshall as its team lead.

Marshall has been with Woodside in various roles since May 2012, most recently providing project engineering in support of a “pan-Woodside cybersecurity project”.

Woodside described the initial focus of the new operational technology team as “remediation scopes, controls and governance”.

Chief operations officer and executive sponsor of the operational technology (OT) team, Mike Utsler, said this would cover the implementation of “a robust framework” and a drive to “demystify cyber security for our operations”.

Marshall said one of the aims of the team was to balance Woodside’s push to innovate against security risks inherent in oil & gas and industrial sectors more broadly.

Woodside is currently implementing a major innovation and technology strategy that incorporates input – such as research – from a number of third parties such as universities and technology vendors.

“A lot of this newly established OT team is about ensuring that the controls we have – and those that the organisations we are connected to have – are fit for purpose and effective,” Marshall said.

“It’s about establishing a balance between enabling innovation through developments in technology and ensuring a security culture is embedded within our teams.”

The establishment of the OT team is also intended to put in place governance and controls ahead of an expected expansion of industrial internet of things technology.

Woodside recently revealed the results of its first IoT project, which takes data from 200,000 sensors at its Pluto liquefied natural gas (LNG) plant.

It is already working on cybersecurity controls for IoT through a research collaboration with Curtin University and Cisco established last year.

Cybersecurity has been on the executive radar at Woodside for a number of years. Its former CEO Don Voelte in 2011 made “rare comments” to a leadership forum that he saw “a number of attacks against our company over a period of time” originating from various locations worldwide.

At that time, The Australian reported that resources firms including Woodside were working with the Australian Signals Directorate to try to curb attacks against resources infrastructure.

Woodside also recently participated in a cybersecurity trade delegation to Israel where the agenda was heavily focused on risks from emerging technologies like IoT.