Preparing for and Responding to Cybersecurity Incidents: What Critical Pipeline Owners and Operators Need to Do as TSA Announces New Cybersecurity Requirements

Adams and Reese LLP

Adams and Reese LLP

On May 27, the Department of Homeland Security’s Transportation Security Administration announced a Security Directive designed to “better identify, protect against, and respond to threats to critical companies in the pipeline sector.”

The Security Directive comes in the wake of the Colonial Pipeline shutdown following a ransomware attack.

Highlights of the Security Directive

Critical pipeline owners and operators will be required to:

  • Report confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency (CISA)
  • Designate a Cybersecurity Coordinator, to be available 24 hours a day, seven days a week
  • Review current practices and identify gaps and related remediation measures, and report the results to TSA within 30 days

TSA is also considering additional mandatory measures to assist the pipeline industry in enhancing it cybersecurity programs and practices.

Previous Security Guidance for Pipeline Owners and Operators

Written by:

Adams and Reese LLP

Adams and Reese LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.