AGA Statement on Colonial Pipeline Incident

Washington, D.C. – Kimberly Denbow, the American Gas Association’s Managing Director, Security and Operations released the following statement regarding the cybersecurity incident involving the Colonial Pipeline Co. petroleum pipeline:

“The American Gas Association (AGA) and our members are keenly aware of the cybersecurity incident involving the Colonial Pipeline Co. petroleum pipeline.”

“AGA member utilities and members of the Interstate Natural Gas Association of America and Canadian Gas Association have access to the Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC), the premiere cyber and physical threat sharing and analysis organization for the natural gas industry in the U.S. and Canada facilitating situational awareness and threat communication between operators and with the federal government. While Colonial Pipeline Co. is not a natural gas company and is therefore not a member of AGA nor of the DNG-ISAC, the DNG-ISAC has been actively researching, analyzing, and compiling information about this incident and posting timely incident-relevant information as well as collaborating with federal government partners and industry since early Saturday morning.”

“Resilience is measured by a system’s ability to prevent, withstand, adapt to, and quickly recover from system damage or operational disruption. The natural gas pipeline system’s resilience stems from the inherent physical characteristics of the natural gas molecule, the interconnectivity of our pipeline infrastructure design and the operational flexibility of the system. AGA members recognize their responsibility to ensure the safe, secure and reliable delivery of natural gas. They participate in numerous cybersecurity programs to assess their cyber posture and help build out their portfolio of robust procedures for identifying, mitigating and recovering from cyber intrusions.”

Background Information:

AGA’s Commitment to Cyber and Physical Security was developed and adopted to demonstrate dedication to ensuring that natural gas pipeline infrastructure remains resilient to growing and dynamic cyber and physical security threats.

AGA and its members have produced many security-focused products and resources to support the industry’s commitment to continuous improvement.

The Peer Cyber Review Program allows AGA member utilities to consult with peer utility cyber subject matter experts and walk through a comprehensive AGA-developed assessment that aligns with TSA Pipeline Security Guidelines.

Through the Cybersecurity Capability Maturity Model (C2M2), AGA facilitates comprehensive reviews of a member’s cybersecurity posture.