IPRO at a Glance
The International Pipeline Resilience Organization (IPRO) is a new, non-profit corporation. It proposes to become operational in mid-2021. It is designed to work with, and on behalf of, two critical energy delivery industries, oil and natural gas pipelines (including liquids and products lines), to (1) identify pragmatic controls that reduce or eliminate the risks of cyber or physical intrusion and the resulting disruption or loss of service, and (2) analyze enterprise-wide cyber challenges and solutions to achieve durable security for the North American energy supply chain, of which petroleum pipelines are a critical part.
Purpose and Commitment
In pursuit of the public’s interest in resilient energy infrastructure and in reliable cost-efficient energy services and the stake that pipelines have in secure operations, IPRO will seek to:
establish technical procedures to ensure that pipelines, individually and collectively, meet the highest standards of operational integrity and compliance with the best cybersecurity practices developed for industrial control systems (ICS);
prevent or address the vulnerabilities of the pipeline industry operations to cyber and physical intrusions that could affect the price, reliability, quality, or safety of pipeline transportation of crude or refined oil and products or natural gas and related liquids; and
provide a forum for collaboration and education among the owners, investors, service companies, and customers of natural gas and oil pipelines in the North American energy market regarding the management of cyber-related risk, information sharing, technological change, and compliance with industry best practices.
Key Characteristics
IPRO is organized as an IRC §501(c)(6) non-profit corporation and incorporated under the laws and regulations of the District of Columbia. All North American oil and natural gas pipelines are invited to join as members and, in addition, to avail themselves of IPRO’s technical services and organizational benefits.
IPRO represents pipeline industry self-regulation in the public interest. Pipeline members are required to support and, to the maximum extent practicable, abide by IPRO policies, and the assessments and findings made through the CPA program.
IPRO’s technical evaluative processes, to be known as Cyber Performance Assessments (CPA), will be conducted uniformly, using a proprietary approach, by independent professional staff according to the best standards of technical soundness. IPRO’s pursuit of high maturity levels in pipeline cyber security goes beyond identifying immediate problems or non-compliance with standards customarily addressed in routine audits; it will employ a more strategic, enterprise-wide approach to identifying systemic deficiencies and applying effective controls and prophylactics.
IPRO will seek to complement and assist federal and state agencies that exercise authority over cybersecurity, infrastructure integrity, and administration of appropriate standards and performance goals.
IPRO combines in-depth knowledge of cyber standards and controls with a working understanding of pipeline operations. This combination could enable IPRO to serve as a single point of contact between pipeline owner/operators and government with respect to the cyber and physical security requirements of pipeline facilities and systems.
IPRO will be governed by a majority-independent Board of Directors and administered by the highest-level technical and administrative staff and industry committees and collaboratives.
IPRO’s plan for financial sustainability entails both membership revenues that support overall organizational activities and goals and income from vulnerability assessments provided to individual (Member and some non-Member) pipelines under contract.
IPRO will explore the potential to serve a broader role in conducting research and collaborative forums, developing manuals, reporting on industry performance, and interfacing with electric power and other related industries in the interest of more secure and resilient energy services.
What IPRO Is and Is Not
IPRO will operate under Bylaws that provide for professional operations by pipeline and cybersecurity professionals, governed by a majority-independent Board of Directors. First and foremost, IPRO is engaged in supporting pipeline risk management. The Bylaws establish an independent technical assessment function (“Cyber Performance Assessment”) which is a proprietary mechanism developed and administered by a Chief Technical Officer and his or her staff. IPRO’s CPA services are available on a voluntary basis to its pipeline Members (and non-Member clients) that need to identify and manage the cyber and physical risks inherent in operating in the modern digital environment. IPRO’s mission serves the interest in reliable energy service that all North American energy consumers share. Pipeline cybersecurity and effective risk management benefit all interconnected elements of the natural gas and oil “stream” that carries oil, gas, and products across the Continent.
IPRO constitutes pipeline industry self-regulation. Regulators and the industry alike have long recognized the advantages of addressing risks through voluntary self-imposition of standards and collaboration “funded not by tax dollars, but by the large industrial institutions that own and operate all the [physical energy plants] in the United States.” [1] Since the 1960s, the electric power industry has addressed the risks that major outages, accidents, or other reliability challenges pose for the public health, the economic success of electricity providers, regulatory exposure, and the public image of the industry. That industry’s response was a self-regulatory initiative now known (since 2007) as the North American Electric Reliability Corporation (“NERC”).
It may be easy to think of IPRO as a “NERC for pipelines.” Like NERC, IPRO is the product of the resolve of pipeline companies to meet modern operational and digital challenges voluntarily, without undue government mandates or a statutory foundation. Although IPRO pursues goals and benefits similar to NERC, there are important differences:
IPRO’s principal initial interest is in supporting the work of individual pipeline members in discerning, defending against, managing, or mitigating the risks to their operations from the ravages of malware, cyber threats to the gas and oil supply chains, and insider threats.
IPRO does not seek federal or state authorization to enforce its technical opinions beyond the authority which its pipeline Members may delegate to it. IPRO’s credibility must be based primarily on the thoroughness and technical soundness of its analyses and opinions.
Pipeline resilience is a matter of public interest because the critical delivery capability of the oil and natural gas industries is subject to regulation under the Natural Gas Act, the Interstate Commerce Act, and other energy statutes as well as a range of state and federal cyber standards and regulations. IPRO is, therefore, dedicated to creating more orderly and efficient processes for enhancing pipeline compliance with best practices and determining system integrity overall.
IPRO does not yet have, but may develop, the capability to analyze the reliability and resilience of the industry as a whole. However, it will pursue collaboration and information sharing among pipeline Members and other energy industry participants to advance the public’s interest and understanding of industry operations.
Although expansion or updates to pipeline facilities may be necessary to enhance resilience or reliability, IPRO is principally in the business of identifying and analyzing risks and proposing solutions, leaving such system enhancement decisions to pipeline planners and risk management.
IPRO has no precedent in the pipeline industry. However, IPRO’s founders believe that such an organization can be created and begin initial operations in pursuit of these important goals in 2021. IPRO’s success in helping ensure protection of all pipeline facilities will be based on two things: (1) state-of-the-art analysis of pipeline technology and operations and (2) the power of science, operational experience, peer approval, and persuasion.
Importantly, IPRO will assist and complement the work and legal responsibilities of the departments and agencies of federal and state government, not compete with them. [2] IPRO is designed to utilize most standards and best practices that have been developed by primary cyber regulators [3] and, in some cases, by industry. [4] Utilizing its superior knowledge of pipeline operations, IPRO will then apply those standards, controls, and practices to individual pipelines and the new technology, facilities, and components as they are installed. IPRO’s cyber assessment of existing and pre-constructed facilities may also lead to the development of cyber security manuals and reports on the cyber state of the industry that will assist owners and operators. That is a future goal at this time.
In sum, IPRO will:
Promote cyber (and physical) security defense and recovery for critical pipeline infrastructure;
Render independent analysis and opinions about the sufficiency of cyber and physical preparedness;
Aggregate and apply the standards and best practices applicable to midstream pipelines, using controls developed for this purpose;
Act as a single point of contact for agencies that would otherwise be required to engage in complex evaluations of far-flung pipeline infrastructure and operations;
Promote the same standards and controls in Canada and Mexico, to the extent the membership governmental agencies support that objective; and
Deliver benefits to pipeline companies in the form of minimized risk, training in best practices and effective compliance planning, reduction in the number of separate inspections and assessments by multiple cyber regulatory bodies, lower cost of insurance as a consequence of better risk management, and access to the best national and international expertise in cyber developments.