The American Petroleum Institute has published an updated edition of its cybersecurity standard for pipelines. The American Petroleum Institute (API) has published an updated edition of its cybersecurity standard for pipelines, which it says provides a comprehensive approach to cyber defense for critical infrastructure. The update, which has been in development since 2017, is said to be a result of expert input from more than 70 organizations, including state and federal regulators within FERC, TSA, PHMSA, CISA, DoE, NIST, as well as Argonne National Laboratory, the American Gas Association (AGA), Interstate National Gas Association of America (INGAA), the Association of Oil Pipe Lines (AOPL) and numerous pipeline operators. It is based on the NIST (National Institute of Standards and Technology) Cybersecurity Framework and NERC-CIP (Critical Infrastructure Protection) standards and significantly expands the scope, compared to the previous edition of the standard, to cover all control system cybersecurity instead of […]