Hello, Guest!

Cybersecurity

New Pipeline Cybersecurity Rules Kept Under Wraps

Pipeline security

New Pipeline Cybersecurity Rules Kept Under Wraps

Details of the Transportation Security Administration’s second set of cybersecurity rules for pipeline companies will be kept on a need-to-know basis, according to a Department of Homeland Security spokesperson. 

While not much is known about the new directive, DHS said in a press release that it will mandate owners and operators of TSA-designated critical pipelines to implement various protections against cyber intrusions.

DHS Secretary Alejandro Mayorkas believes that the rules will ensure that pipeline companies are able to safeguard their operations from rising cyber threats and promote national and economic security, Nextgov reported Tuesday

An initial directive was issued by the DHS and will remain in effect through May 28, 2022.

The first set of rules mandates pipeline companies to report confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency, such as unauthorized system access, malicious software detection, denial-of-service attacks and physical attacks on network infrastructure. 

Pipeline owners and operators are also instructed to identify any cyber-related gaps and designate readily available primary and alternate cybersecurity coordinators at the corporate level.

DHS issued the regulations in the wake of the Darkside ransomware attack directed at Colonial Pipeline. The oil distributor was targeted on May 7 and was forced to shut down temporarily for more than a week, affecting its customers in Texas, New Jersey, Louisiana, Mississippi, Alabama, Georgia, South Carolina, Tennessee, Virginia and Pennsylvania.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity