The voluntary Cyber Architecture Reviews are intended to be a collaborative, non-regulatory, approach that promotes secure and resilient infrastructure through the sharing of information and best practices.
The Coast Guard has been working with FERC’s Office of Energy Infrastructure Security(OEIS). OEIS has conducted over 21 voluntary Cyber Architecture Reviews to date for the energy sector, and hopes to support LNG terminals by offering a no-cost voluntary cyber review.
“We are excited for the chance to continue our great relationship with FERC,” said Thomas. “Their cyber architecture review provides a great opportunity for industry to assess and strengthen cyber resiliency at no cost and with no risk.”
The OEIS is partnering with the Coast Guard to work with LNG ports and facilities. The reviews are a two-day non-compliance verbal review that is completed at the facility site and encompasses best cyber-practices for all aspects of digital communication to include corporate, building/emergency services, remote connectivity (vendors, member companies, etc.), backup center(s) and the operational network (control center and field device networks). Contracts, policies and procedures are also covered in the review.
These reviews are designed to be low-burden to a facility with no requested documentation prior to the review. The only the required information from the facility is network drawings for use during the review.
An agenda is provided to the facility in advance, outlining topics and duration times, to enable a facility to schedule their appropriate subject matter experts.
Source: USCG Blog