Back in June, I wrote about the Transportation Security Agency’s (TSA) new security directive concerning pipeline owners and operators. The order mandated those entities to disclose security incidents such as the ransomware attack that affected the Colonial Pipeline Company back in May to the TSA and the Cybersecurity & Infrastructure Security Agency (CISA). It also required pipeline owners and operators to review their current practices, designate someone like a Chief Information Security Officer (CISO) as a Cybersecurity Coordinator, as well as work to identify gaps associated with their cybersecurity risks and report the results to the TSA and CISA.

The TSA’s Second Security Directive

Senior officials at the Department of Homeland Security (DHS), of which the TSA is a part, announced at the time of their security directive that they would soon require pipeline organizations to implement a new set of mandatory security controls or face financial penalties.

In mid-July, CISA announced the rollout of at least some of those controls in the form of a second security directive from the TSA. The mandate requires critical pipeline owners and operators to implement specific measures that can help them to defend against digital threats such as ransomware. It also necessitates entities to develop and enact a digital security contingency and recovery plan as well as review the design of their cybersecurity architecture.

Alejandro N. Mayorkas, U.S. Secretary of the DHS, framed this security directive in terms of upholding the United States’ national security. As quoted in a DHS press release:

The lives and livelihoods of the American people depend on our collective ability to protect our Nation’s critical infrastructure from evolving threats. Through this Security Directive, DHS can better ensure the pipeline sector takes the steps necessary to safeguard their operations from rising cyber threats, and better protect our (Read more...)