Preparing For And Responding To Cybersecurity Incidents: What Critical Pipeline Owners And Operators Need To Do As TSA Announces New Cybersecurity Requirements – Technology

United States:

Preparing For And Responding To Cybersecurity Incidents: What Critical Pipeline Owners And Operators Need To Do As TSA Announces New Cybersecurity Requirements

On May 27, the Department of Homeland Security's
Transportation Security Administration announced a Security Directive
designed to "better identify, protect against, and respond to
threats to critical companies in the pipeline sector."

The Security Directive comes in the wake of the
Colonial Pipeline shutdown following a ransomware attack.

Highlights of the Security Directive

Critical pipeline owners and operators will be required to:

• Report confirmed and potential cybersecurity incidents to the
  DHS
  Cybersecurity and Infrastructure Security Agency (CISA)
• Designate a Cybersecurity Coordinator, to be available 24 hours
  a day, seven days a week
• Review current practices and identify gaps and related
  remediation measures, and report the results to TSA within 30
  days

TSA is also considering additional mandatory measures to assist
the pipeline industry in enhancing it cybersecurity programs and
practices.

Previous Security Guidance for Pipeline Owners and
Operators

Our 
Privacy, Cybersecurity and Data Management Team will
continue to monitor the latest requirements and best practices
recommendations for pipeline owners and operators, and provide
insights on the efforts of critical infrastructure organizations to
build resilience and improve their security programs.

Originally published 27 May 2021.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Technology from United States

Comments are closed.