Thursday, July 18 2024

A new update from the Transportation Security Administration bolsters the security of essential pipeline companies. The revised directive aims to foster preparedness and fortify industry defenses against cyberattacks.

It instructs TSA-specified pipeline stakeholders to annually submit an updated cybersecurity assessment plan (CAP) not only for review, but for approval as well. Owners and operators must submit a CAP schedule for assessing and auditing specific cybersecurity measures. The schedule must ensure that at least 30% of TSA-relevant policies, procedures, measures, and capabilities are evaluated each year so that all are evaluated every three years. An annual report containing the results of the previous year’s assessments is mandated as well.

In addition, the new directive instructs owners and operators to test at least two of their cybersecurity incident response plan (CIRP) objectives annually and identify the employees involved in such exercises. Further, more language has been added informing owners and operators of pipelines that the TSA may notify them to include additional critical cyber systems not identified in the company’s cybersecurity implementation plan.

Published Wednesday in consultation with CISA and the Department of Transportation, it is the third in a series of pipeline security directives since the TSA first began issuing them in July 2021. The first directive came after a May 2021 ransomware attack on the Colonial Pipeline, which provides about 45% of the fuel used on the East Coast. Perpetrated by a Russian ransomware gang, it led to a six-day shutdown of the pipeline, gas shortages, and emergency declarations in 17 states. In response, the U.S. Senate passed a law requiring operators of critical infrastructure and federal civilian agencies to report cyber incidents to CISA. Federal agencies like the TSA took note, too, introducing new cybersecurity requirements.

In a press release announcing the update, TSA administrator David Pekoske said, “Earlier versions [of the directive] required the development of processes and cybersecurity implementation plans. This version requires that operators test and evaluate those plans. We will continue to work with our partners in the transportation sector to increase cybersecurity resilience throughout the transportation system and acknowledge the significant work over the past year to protect critical infrastructure.”

Many of the measures found in the July 2021 directive and renewed in July 2022 will remain in place. Those include disclosing cyber incidents to CISA, identifying a cybersecurity point of contact, and conducting cybersecurity vulnerability assessments.
