Trending

Cyber Defense

Digital Transformation

Energy Transition

Smarter Capital Planning

Zero-Emissions Transportation

What We Do

Acquisition & Divestment

Asset Planning & Management

Business Strategy & Transformation

Data & Analytics

Enterprise Technology

Financial Analysis

Industrial Cybersecurity

Policy & Regulatory

Industries

Government, Military & Municipal

Manufacturing & Industrial

Oil, Gas & Chemicals

Ports & Maritime

Power

Transportation

Water

Solutions

AssetLens

Managed Security Services

About Us
Careers
Our Partners
Blog
Contact Us
August 9, 2022

TSA Revises Cybersecurity Directive for U.S. Pipelines

by Ali Elnaamani

In 2021, the largest pipeline system in the U.S. for refined oil products suffered a ransomware cyberattack that would create lasting impacts in the oil and gas industry, namely how the sector can prevent similar attacks in the future.

One of the main impacts of the attack is the follow-up action and regulation that has been enforced by the U.S. Transportation Safety Administration (TSA). In May 2021, immediately after the attack, the TSA issued a security directive requiring oil and gas pipeline companies to:

  • Report cybersecurity incidents and threats to the Cybersecurity and Infrastructure Security Agency (CISA).
  • Appoint a cybersecurity coordinator who is available 24 hours a day, seven days a week.
  • Review and understand up-to-date cybersecurity practices.
  • Identify any gaps or remediation measures related to cybersecurity risks and report the results to the TSA and CISA within 30 days.

While the original directive was intended to quickly reduce and deter any further cyberattacks to oil and gas pipeline companies, the one-size-fits-all approach has required revisions as time has passed. Since the attack, the threat to the industry has evolved, and minimizing risk prompted some important edits to the TSA regulations.

According to the TSA, the new, revised directive offers an innovative and performance-based approach to improving security. These new conditions will be upheld by pipeline owners and operators in conjunction with the initial regulations that were released by the TSA.

In the revised directive, issued July 2022, pipeline owners and operators are required to:

  • Create and utilize a TSA-approved Cybersecurity Implementation Plan that lays out the exact measures the owners and operators are putting into place in order to meet the outcomes of the directive.
  • Develop a Cybersecurity Incident Response Plan that describes the actions that will be taken by owners and operators in the event of a cybersecurity disruption.
  • Establish a Cybersecurity Assessment Program that regularly tests the effectiveness of the owner’s/operator’s security measures and detects and fixes vulnerabilities.

Maintaining resilient security measures, following TSA guidance and creating agile remediation plans remain crucial in protecting valuable assets as the risk for cyberattacks targeting critical infrastructure continues to increase.

 

In order to manage risk, you need a steady hand to navigate ever-evolving standards and regulatory challenges.

Learn More
by Ali Elnaamani
Ali Elnaamani, managing director at 1898 & Co., has experience in industrial controls, operational technology cybersecurity, risk, compliance and technology consulting. He has extensive global leadership experience in digitalization and industry 4.0 consulting experience leading and supporting international teams and a wide range of industrial customers.
Contact