What Have Pipeline Companies Said About Cybersecurity? Not Much

Rachel Adams-Heard, Bloomberg News

A Colonial Pipeline Co. storage tank at a facility in the Port of Baltimore in Baltimore, Maryland, U.S., on Tuesday, May 11, 2021. Fuel shortages are expanding across several U.S. states in the East Coast and South as filling stations run dry amid the unprecedented pipeline disruption caused by a criminal hack. Photographer: Samuel Corum/Bloomberg , Photographer: Samuel Corum/Bloomberg

(Bloomberg) -- The shutdown of America’s largest petroleum conduit has spurred a slew of commitments to strengthen cybersecurity -- an issue that garnished little attention in five years of conference calls by U.S. pipeline companies.

Executives raised the topic of cybersecurity three times between 2015 and 2020, according to a review of conference call transcripts across 18 U.S. pipeline companies. One recent exception is Enterprise Products Partners LP, which dedicated a chunk of its March “ESG Day” to the issue.

The Colonial Pipeline has been shut down since Friday after an attack by the ransomware group DarkSide. U.S. government officials and consultancies have pointed at the incident as the clearest indication yet that the oil-and-gas industry is unprepared to combat these increasingly sophisticated threats.

Companies are likely resistant to sharing too much of their cybersecurity strategy out of fear that it would help hackers infiltrate their systems, though the lack of discussion also demonstrates how unsatisfying safeguarding those networks can be.

“That’s just a function of no one asking much about it,” said Hinds Howard, a longtime pipeline investor at CBRE Clarion Securities LLC. “Like, is the investor community going to get jazzed up about how much you spend on cybersecurity?”

Despite operating the biggest pipeline in the U.S., Colonial is a relatively obscure entity compared to publicly traded behemoths like Kinder Morgan Inc. and Energy Transfer LP. Colonial doesn’t have quarterly earnings calls with analysts and investors, and is therefore not included among the transcripts analyzed by Bloomberg. Colonial has said in statements that it’s working with relevant government officials and third-party experts to secure the pipeline and resume service.

“There will be some investors or management who will take this and the storm issues and talk about how important pipeline infrastructure is,” Howard said. “Others will be careful with talk like that because it invites potential for more regulation of the assets, which I don’t think midstream companies want.”

Markets

BNN

Scoreboard

BNN

LIVE:

Technology

{{ currentStream.Name }}

Related Video

Technology

Commodities

News Wire

Company News

What Have Pipeline Companies Said About Cybersecurity? Not Much

FAANG stocks