This article was originally published in the 25Q3 LINK newsletter.
Insights from September’s 2025 Executive Roundtable
SGA recently hosted an Executive Roundtable for members of our Board and Executive Council, held September 17–18 in Knoxville, Tennessee, alongside a tour of the Oak Ridge National Laboratory (ORNL). The discussion centered on one of the most urgent issues facing today’s natural gas operators: the growing convergence of cyber and physical security threats.
Annie McIntyre, Chief Information Security Officer at Everline and a 30-year veteran in national defense and infrastructure protection, delivered a clear message to industry leaders— today’s threats demand new thinking, collaboration, and a culture of vigilance that reaches beyond traditional IT boundaries.
The Wake- Up Call: Key Takeaways from the Roundtable
We’ve entered a new era of threat sophistication.
Nation-state campaigns are patient, well-funded, and increasingly focused on operational technology (OT) systems. Attackers are playing a long game—quietly probing for vulnerabilities before launching coordinated strikes.
Vulnerability is the weak link.
While total protection is impossible, reducing vulnerabilities—especially within interconnected OT systems— is every operator’s best defense.
Human performance matters as much as technology.
The majority of incidents stem not from malice, but from fatigue, oversight, or lack of training. Building strong, consistent processes and empowering employees to report and respond quickly is critical.
Cyber and physical threats are merging.
Phishing emails, ransomware, drones, and physical sabotage are now part of blended attacks that demand integrated response plans.
AI is reshaping both sides of the fight.
Adversaries are using AI to automate and scale attacks, while defenders can use it to enhance anomaly detection and threat visibility.
Regulations are converging—and expectations are rising.
Agencies, including TSA and the U.S. Coast Guard, are aligning around core principles: IT/OT separation, continuous monitoring, workforce training, and layered defenses.
Culture equals resilience.
Security cannot be treated as a program or department—it must be embedded into operations the same way safety is. A resilient culture protects better than any single investment in tools or technology.
No operator is too small to be a target.
Local utilities, co-ops, and smaller system operators are increasingly in the crosshairs of cyber campaigns and must act accordingly.
McIntyre summed it up best:
“The most effective protections are processes—and they’re essentially free.”
What This Means For SGA Members
This roundtable reflected the heart of SGA’s mission to Share, Grow, and Advance:
- Share: Bringing leaders together to exchange real-world insights on critical topics such as cybersecurity and infrastructure
- Grow: Providing members with exposure to leading experts and emerging best practices that strengthen both operations and workforce capability.
- Advance: Helping the natural gas industry stay ahead of threats by fostering collaboration, innovation, and preparedness across all sectors.
As SGA continues to convene executive leaders, technical experts, and regulatory voices, we remain committed to turning shared knowledge into actionable strategies that safeguard our people, our systems, and our energy future.
>Explore more stories from The LINK 25Q3 in your browser by clicking here or downloading the PDF here.
