The Downstream Natural Gas Information Sharing and
Analysis Centers can help utilities acquire and use timely,
actionable information By KimBerly DenBow
h e a dway
ENhANCING CybErSECurITy ThrouGh
INformATIoN ShArING
I
nformation Sharing and Analysis Centers, as described by the
National Council of ISACs, are trusted entities established by
critical infrastructure owner/operators to provide comprehensive sector analysis that may be shared within the sector, with
other sectors, and with government entities. ISACs take an
all-hazards approach with services including risk mitigation,
incident response, and alert and information sharing. The
goal is to provide users with accurate, timely, actionable, and
relevant information.
Currently, there are more than a dozen ISACs recognized by
the National Council covering a wide range of sectors, including the electric, nuclear, financial, communications, information
technology, multistate, and water industries.
In the early 2000s, the oil and natural gas sector hosted the
ONG-ISAC focused on physical security. By 2006, the participants of that group recognized other venues for information
sharing, which satisfied their situational-awareness needs, and the
ONG-ISAC of that time was terminated.
Today, cybersecurity is a growing threat to ONG operations
and enterprise systems. The amount of information disseminated
is overwhelming: analytics and mitigations must be timely, protections for anonymity are pinnacle, and one's perspective has to
expand beyond company-centric and sector-centric threats.
Because of this, the AGA Board-appointed Cybersecurity Strategy Task Force has identified the need for a formal
information-sharing mechanism that has policy and procedural
governance, fosters a vetted community of trust, offers liability
protections, and helps ensure antitrust provisions. Further, Congress and the administration have heightened their attention to
the functionality of ISACs, and government leaders are scrutinizing critical infrastructure sectors that do not have an ISAC and
inquiring how sector operators submit and receive cyberthreat
information.
Electric utilities, including combination gas and electric, already reap the benefits of the Electric Sector ISAC. AGA gas-only
members currently do not have this security posturing advantage
40
AmericAn GAs may 2014
at present. Therefore, AGA is architecting a natural gas utility
ISAC, to be referred to as the Downstream Natural Gas ISAC.
The DNG-ISAC would have a membership of gas-only
companies and a robust bidirectional information-sharing conduit
with the ES-ISAC for the sharing of cyber and physical threat
intelligence, incident information, analytics, and tools. Members
would gain access to timely threat information for electric as well
as gas, while being assured of trusted information-sharing protections and anonymity. Combination gas and electric companies
that already belong to the ES-ISAC would gain access to timely
threat information for gas in addition to what they already receive
regarding electric. DNG-ISAC and ES-ISAC participants would
benefit from efficient and effective threat collaboration while
providing the government with a single resource for information
dissemination to gas and electric utilities, which inherently share
common operations and customers.
ISACs are member-driven, and each ISAC has a different
funding structure, with the primary source of funds coming
from membership dues. The DNG-ISAC will have a voluntary
membership to cover annual maintenance costs including ISAC
platform maintenance, software licensing fees, a full-time gas intelligence analyst, and vendor subscription service. A dues formula
is being developed by AGA for gas utilities interested in participating. Gas utilities are not required to be AGA members to join the
DNG-ISAC.
To date, AGA has received commitments from 17 gas utilities
for the DNG-ISAC. The DNG-ISAC platform as planned can
accommodate up to 25 companies. AGA plans to establish an
advisory group consisting of representatives of the 17 "founding"
member companies to determine ISAC governance, structure,
and functionality. The DNG-ISAC should be fully operational by
mid-2014. u
Kimberly Denbow, engineering services director at AGA, is responsible
for representing AGA's membership on all security matters pertaining
to cyber and physical security.
Table of Contents for the Digital Edition of American Gas - May 2014