New Edition of Pipeline Cybersecurity Standard Covers All Control Systems

From securityweek.com

The American Petroleum Institute (API) this month published the third edition of its pipeline cybersecurity standard, which focuses on managing cyber risks associated with industrial automation and control environments.

The third edition of Standard 1164, Pipeline Control Systems Cybersecurity, has been in the works since 2017, and it’s based on input from over 70 organizations. The standard is based on NIST’s Cybersecurity Framework and the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards.

According to the API, which is the largest trade association for the oil and natural gas industry, this edition covers all control systems, rather than just SCADA systems as the previous edition did.

Read more…