Checkout
Contact Us
close
EUCI
>
Cyber Security Fundamentals for Oil and Gas Professionals

Cyber Security Fundamentals for Oil and Gas Professionals

November 5, 2025 Online :: Central Time

Overview Agenda Instructor Credits
Download
Print

The oil and gas industry operates at the crossroads of technological innovation, energy transition, and global geopolitical dynamics. As a critical driver of economic activity, this sector has become an increasingly attractive target for cyberattacks.

Key challenges facing the industry include:

  • Technological Advances: The adoption of IoT, AI, and automation has expanded the attack surface, introducing new vulnerabilities.
  • Energy Transition: The shift toward clean and sustainable energy sources brings unprecedented operational complexities.
  • Evolving Threat Landscape: Sophisticated cybercriminals and state-sponsored actors are targeting critical infrastructure vulnerabilities.
  • Geopolitical Risks: Heightened energy security concerns and cyberwarfare necessitate proactive and robust defenses.

Further complicating the cybersecurity landscape is a patchwork of regulations and a critical shortage of OT cybersecurity expertise. Unlike IT systems, addressing OT threats and vulnerabilities requires a deep understanding of operational environments and the nuances of IT/OT convergence. OT security incidents cannot be approached in the same way as IT issues—they demand specialized strategies and solutions tailored to industrial systems.

This course is designed to bridge this gap, equipping professionals with the knowledge and skills needed to secure operational technology environments, navigate regulatory requirements, and safeguard vital energy infrastructure against an evolving threat landscape.

Learning Outcomes

  • The Threat Landscape: Gain insights into the unique cyber risks faced by oil and gas organizations, including ransomware, supply chain attacks, and insider threats.
  • OT vs. IT Cybersecurity: Identify the critical differences between IT and OT systems and why a tailored approach is essential.
  • Regulatory Compliance: Navigate the complexities of global and regional cybersecurity regulations impacting the oil and gas sector.
  • Incident Response for OT Environments: Develop robust response strategies for industrial control system (ICS) breaches and downtime mitigation.
  • Building Resilience: Explore strategies to ensure system resilience while meeting operational and safety goals.

Register

This is a recorded session - no instructor interaction is available. Recordings do not qualify for continuing education credits. Recordings will expire 30 days from date of purchase and sharing, downloading or copying of the recording in any way is strictly prohibited and will result in the termination of your license.

PURCHASE THIS RECORDING:

Recording license(s)$ 895.00 each

Agenda

Wednesday, November 5, 2025
Central Time

Online

Log In & Welcome

8:45 AM

Lunch Break

12:00 - 12:30 PM

Adjourn for the day

4:00 PM

8:45 AM - 9:00 AM

Log In & Welcome

12:00 - 12:30 PM

Lunch Break

9:00 AM - 4:00 PM

Course Timing

Introduction to Oil and Gas Cybersecurity

  • OT design and architecture overview
  • Digital transformation
  • SCADA security principles
  • OT cybersecurity threat landscape
  • Threats, threat actors and attack vectors
  • Tactics, Techniques and Protocols (TTPs)

IT/OT convergence

  • Segmentation
  • Digital twins
  • IIoT

Lunch Break

Industry Standards and Regulatory Landscape and Compliance

  • IEC-62443 and NIST 800-82
  • TSA Security Directives

Defense in Depth – Key areas for oil and gas sector

  • Defensible architecture
  • Security awareness and training
  • Incident Response
  • Continuous monitoring
  • Vulnerability Management

Case Studies: Lessons from the Field

  • Industry attack
  • Mitigating controls and lessons learned

Instructor

Gurdeep Kaur

Global Sector Lead and CXO Advisor

DigitalXForce

Gurdeep Kaur is a cybersecurity  practitioner with over 20 years of extensive cybersecurity expertise spanning the energy, financial, healthcare, and telecom sectors. As the inaugural Chief Information Security Officer (CISO) of PSEG, she envisioned, executed, and led a comprehensive cybersecurity transformation program for both IT and OT environments over six years. As the primary cybersecurity coordinator for TSA Security Directives compliance, she led the design and implementation of the cybersecurity program for the gas operations for PSE&G.

Prior to her tenure at PSEG, Gurdeep held progressively senior positions at AIG for 12 years, including Business Information Security Officer (BISO) for AIG Global Finance and Chief Security Architect for the enterprise, where she played a pivotal role in shaping the company’s security strategy.

Currently, Gurdeep serves on the Technology and Data Governance Committee at Hackensack Meridian Health and is the energy sector chief for InfraGard New Jersey. She also co-founded and served as the inaugural president of the (ISC)² ISC2 New Jersey Chapter, co-chaired the ISC2 North American Advisory Council, and was a member of the Cloud Security Alliance (CSA) Global Enterprise Advisory Board.

Gurdeep holds a Bachelor’s degree in Electrical Engineering from Delhi College of Engineering in New Delhi, India, and is certified as a CISSP-ISSAP and NIST Cybersecurity Framework (CSF) Practitioner, among other credentials.

Gurdeep was honored with the ISC2 President’s Award for her leadership and commitment  to advancing the field of information security.

Continuing Education Credits

IACET

AP_Logo

EUCI is accredited by the International Accreditors for Continuing Education and Training (IACET) and offers IACET CEUs for its learning events that comply with the ANSI/IACET Continuing Education and Training Standard. IACET is recognized internationally as a standard development organization and accrediting body that promotes quality of continuing education and training.

EUCI is authorized by IACET to offer 0.7 CEUs for this event

Verify our IACET accreditation

 

Who recognizes IACET Credits?

 

 

CPE

Upon successful completion of this event, program participants interested in receiving CPE credits will receive a certificate of completion.

Course CPE Credits: 7.5
There is no prerequisite for this Course.
Program field of study: Specialized Knowledge
Program Level: Basic
Delivery Method: Group Internet Based
Advanced Preparation: None

CpeEUCI is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org

CLE

Only registered attendees can request CLE credits for an EUCI course/event.  Please email [email protected] prior to the course start date and list the state where you are licensed and your bar# as well as the name and date of your course/event in your request, and someone will be in contact.

Who Should Attend

This course is tailored for professionals from companies, utilities, consulting firms, and government agencies who are involved in managing, overseeing, or operating OT cybersecurity functions within the oil and gas sector. It is also well-suited for individuals working in audit, risk, and compliance roles who aim to deepen their technical understanding of securing OT environments in this sector.

  • IT and OT Cybersecurity professionals
  • OT engineers seeking to enhance their cybersecurity expertise.
  • Executives and decision-makers responsible for safeguarding critical infrastructure.
  • Risk and compliance officers