#United States #Cybersecurity #Oil and Gas #Irving, Texas #Tosi

Cybersecurity Confidence in the Oil and Gas Sector

The landscape of cybersecurity in the oil and gas sector has recently come under scrutiny, particularly following the Operation Epic Fury. An intriguing survey conducted by Tosi, involving 100 decision-makers from U.S. upstream and midstream oil and gas operators, highlights a stark contrast between perceived confidence levels and the actual capabilities of existing tools to detect cyberattacks.

Confidence vs. Reality

In the survey, 87% of operators expressed confidence in their ability to detect a cyber incident within 24 hours, scoring their assurance a 4 or 5 out of 5 on a rating scale. However, only a mere 16% reported employing appropriate continuous monitoring systems specifically designed for operational technology (OT) environments. This skewed confidence raises concerns about a significant gap in effective security measures within the industry.

Most of the confidence stems from reliance on traditional IT security tools. Over half of the participants (51%) reported using such tools, acknowledging them as having limited visibility into the specific traffic of OT systems. Nearly 27% noted that they would depend on field operators to identify anomalies, casting doubt on how proactive the existing monitoring processes are.

Tosi’s CEO, Sakari Suhonen, draws attention to these findings, stating, “This is the most consequential blind spot in U.S. energy infrastructure right now.” He emphasizes that the tools at operators' disposal are not capable of detecting serious breaches in real-time, highlighting a crucial need for improvement in this domain.

Market Dynamics Following Cyber Threats

The survey conducted in April 2026 reflects a market reacting swiftly and decisively post-Operation Epic Fury. Following the events of late February—which triggered increased cyber risks—63% of companies reported a heightened threat perception. A significant 94% have either approved or are reviewing security expenditures related to OT systems to bolster their defenses. Remarkably, 95% anticipate that their OT security budgets will increase over the next year, with many operators expecting rises over 20%.

The increased urgency for investment is driven by several factors, including growing IT/OT convergence, prevalent threats, and government warnings about state-sponsored attacks on critical infrastructure. A significant operational impact is evident, with nearly every operator reporting at least one incident category since the end of February, including OT disruptions linked to ransomware and precautionary shutdowns triggered by IT issues.

Prioritizing Detection Capabilities

When it comes to improving security measures, operators prioritize detection capabilities. Continuous monitoring and anomaly detection emerged as the most important capabilities they want to acquire over the next year, followed closely by OT-specific incident detection and response. Together, detection, visibility, and secure remote access account for 71% of the operational focus moving forward.

Interestingly, the biggest barrier hindering faster progress is not financial; it lies within the organizational culture. A significant 45% of operators pointed at the knowledge gap between IT and OT teams as a primary obstacle. In contrast, only 11% cited budget constraints as a major issue, indicating a shift in focus from financial to personnel barriers in cybersecurity.

The Way Forward

Considering the growing geopolitical tensions and Iran-aligned cyber activities targeting U.S. interests, the urgency to address these gaps cannot be overstated. Federal agencies have issued advisories confirming that adversaries are actively disrupting essential programming systems across various sectors. Tosi's data serves as a timely reminder that improving detection tools is paramount to mitigating risks effectively.

Looking ahead, it is anticipated that oil and gas operators will allocate more resources to OT security than ever before. The decisive question is whether this investment will focus on the right tools necessary to close the detection gap or continue to further embed existing inadequacies.

The upcoming webinars by Tosi promise to delve deeper into these findings, providing insights into effective strategies for navigating the evolving threats in the cyber domain of oil and gas.

About Tosi

Tosi, a frontrunner in cyber-physical systems for operational technology networks, is dedicated to fortifying the cybersecurity infrastructure of critical industries worldwide.

By addressing the existing blind spots, Tosi aims to ensure that operators are better equipped to secure their systems against the backdrop of increasingly sophisticated cyber threats.

• ---

This article highlights findings from Tosi’s 2026 Oil and Gas OT Decision Maker Survey and discusses the ongoing challenges in the sector. For in-depth analysis, follow Tosi’s webinars and updates.