Policy Minute: TSA Cybersecurity Roadmap for Pipelines
Transportation services providers are increasingly facing new technology-oriented threats in day-to-day business. Recent cyberattacks and the potential for serious disruption from threat actors have drawn the attention of the...more
Regulatory interest in securing the nation’s energy infrastructure continued in 2023. On July 26, 2023, the Transportation Security Administration (TSA) announced significant updates to its security directive aimed at...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
Cybersecurity vulnerability is emerging as a top-of-mind issue for transportation and logistics service providers, regulators, and criminals alike. Recent years have yielded headline-worthy ransomware attacks on domestic...more
On July 26, 2023, the Transportation Security Administration (TSA) issued a revised Security Directive governing the cybersecurity practices of owners and operators of critical liquid and natural gas pipelines and liquified...more
Cybersecurity continues to be top of mind for federal and state policymakers. This advisory identifies and analyzes some major recent developments that present opportunities and challenges in the coming months for a broad...more
The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”). The Directive is based on and supersedes the...more
The Biden Administration recently reaffirmed its continued focus on cybersecurity by announcing an Implementation Plan for the National Cybersecurity Strategy (the Plan). The Plan provides a roadmap covering the policies and...more
Following the release of President Biden’s National Cybersecurity Strategy, Acting National Cyber Director Kemba Walden explained that the Biden Administration is “expecting more” from owners and operators in critical...more
After a rash of significant cybersecurity breaches and ransomware attacks affecting a wide set of industries, ranging from pipelines to technology companies, the Biden administration released its much-anticipated National...more
“Continued disruptions of critical infrastructure and thefts of personal data make clear that market forces alone have not been enough to drive broad adoption of best practices in cybersecurity and resilience.” National...more
Background Critical infrastructure providers confront unique cyber threats. The use of operational technology (OT) introduces risks that arise from, for example, legacy equipment that cannot readily be patched, updated, or...more
Biden Administration to Introduce New National Cyber Strategy for Critical Infrastructure - The Biden administration is reportedly working on a National Cyber Strategy for critical infrastructure that will advocate a more...more
Operational technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events. By design, OT underpins many critical...more
The Transportation Security Administration (TSA) published an Advance Notice of Proposed Rulemaking (ANPRM) on November 30, 2022, seeking stakeholder comment on ways to strengthen cybersecurity and resiliency for pipeline and...more
On October 18, 2022, the Transportation Security Administration (“TSA”) issued its Security Directive 1580/82-2022-01 on Rail Cybersecurity Mitigation Actions and Testing (the “Railroad Directive”), regulating designated...more
It has been over a year since the Colonial Pipeline cybersecurity incident, and the Department of Homeland Security’s Transportation Security Administration (“TSA”) continues to issue cybersecurity directives to owners and...more
Following significant collaboration with the industry, the Transportation Security Administration (TSA) issued a revised directive, effective July 27, 2022, which updates one of the prior directives issued in the wake of a...more
Cybersecurity has emerged as a tangible risk for transportation service providers over the course of the last year. Ransomware attacks on domestic industry and critical infrastructure, and tensions associated with the Russian...more
Late 2021 and early 2022 have been full of federal government activity related to cybersecurity incident reporting. Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 to require mandatory...more
This December, the Transportation Security Administration (TSA) issued a pair of Directives establishing cybersecurity measures for high-risk freight rail, passenger rail, and rail transit owners and operators. These...more
Cybersecurity threats to critical infrastructure systems are nothing new. But events over the last few years have been notable due to the seemingly increased frequency of successful attacks and the way those attacks have been...more
On December 2, 2021, the US Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) announced two new Security Directives and additional guidance for voluntary measures to strengthen cybersecurity...more
What: The Transportation Security Administration (TSA) has issued two Security Directives aimed at passenger and freight railroad cybersecurity, continuing the government’s move to an increasingly regulatory approach to...more
Imagine a country paralyzed by the inability — even for just one day — to move people or goods by rail or by plane. This is not science fiction. This is the reality of the potential cybersecurity threats that could impact the...more