DHS Releases New Cybersecurity Requirements for Pipeline Operators
Tuesday, July 20, 2021 | Comments

Today, in response to the ongoing cybersecurity threat to pipeline systems, DHS’s Transportation Security Administration (TSA) announced the issuance of a second security directive that requires owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of protections against cyber intrusions.

“The lives and livelihoods of the American people depend on our collective ability to protect our nation’s critical infrastructure from evolving threats,” said Secretary of Homeland Security Alejandro N. Mayorkas. “Through this security directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our national and economic security. Public-private partnerships are critical to the security of every community across our country and DHS will continue working closely with our private sector partners to support their operations and increase their cybersecurity resilience.”

The Department’s Cybersecurity and Infrastructure Security Agency (CISA) advised TSA on cybersecurity threats to the pipeline industry, as well as technical countermeasures to prevent those threats, during the development of this second security directive. The security directive requires owners and operators of TSA-designated critical pipelines to implement specific mitigation measures to protect against ransomware attacks and other known threats to IT and operational technology (OT) systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review.

This is the second security directive that TSA has issued to the pipeline sector this year, building upon an initial security directive that TSA issued in May following a ransomware attack on a major petroleum pipeline. The May security directive requires critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to CISA; designate a cybersecurity coordinator to be available 24 hours a day, seven days a week; review current practices; and identify any gaps and related remediation measures to address cyber-related risks and report the results to TSA and CISA within 30 days.

Since 2001, TSA has worked closely with pipeline owners and operators, as well as its partners across the federal government, to enhance the physical security preparedness of U.S. hazardous liquid and natural gas pipeline systems. TSA works closely with CISA, the nation’s lead agency for protecting critical infrastructure against cybersecurity threats, to execute this mission.

Would you like to comment on this story? Find our comments system below.




 
 
Post a comment
Name: *
Email: *
Title: *
Comment: *
 

Comments

No Comments Submitted Yet

Be the first by using the form above to submit a comment!


Education







Events
October 2021

18 - 20
Colorado NENA/APCO 2021 Conference
Denver
https://www.conenaapco.org

November 2021

2 - 3
Wireless Leadership Summit (WLS)
Austin, Texas
https://www.enterprisewireless.org/wls2021

3 - 5
Critical Communications World 2021
Madrid, Spain
https://www.critical-communications-world.com

23 - 25
PMRExpo
Cologne, Germany
https://www.pmrexpo.de/en/pmr21/

More Events >

Site Navigation

Close