TSA Head Explains Cybersecurity Directive for Pipeline Operators
One of the Transportation Security Agency’s recent directives required pipeline operators to adopt cybersecurity best practices, the agency’s top official said.
TSA Administrator David Pekoske said that while the directive provides some flexibility to operators, it also enforces a cybersecurity mandate for most critical pipeline systems, Nextgov reported Tuesday.
“The whole idea behind the second security directive is to make sure that, in addition to the reporting and the coordinator and the gap analysis, that we take specific actions to prevent an attack from occurring,” Pekoske told the Senate Commerce Committee.
Pekoske was referring to the second of two directives that TSA issued following the ransomware attack on Colonial Pipeline in May.
The hack, which reportedly crippled the company’s computer systems, was attributed to a ransomware-as-a-service group of Russian origin dubbed Darkside.
According to Nextgov, the first directive required critical infrastructure operators to report major incidents, maintain a round-the-clock cybersecurity coordinator and review their cyber practices against the agency’s guidelines.
TSA issued the second directive on July 20 but reportedly kept it from the public due to its sensitive classification.
Pekoske revealed to the Senate committee that the second directive requires organizations to adequately segment information technology from the operational technology they use for industrial control systems.
The National Institute of Standards and Technology’s Computer Security Research Center defines operational technologies as programmable systems that interact with the physical environment.
Leslie Gordon, acting director of the homeland security and justice team at the Government Accountability Office, said TSA has taken steps to address its shortcomings in pipeline cybersecurity.
Gordon said the agency still needs to improve its coordination with the Department of Transportation’s Pipeline and Hazardous Materials Safety Administration, which is responsible for the physical security of pipelines.
Tags: Colonial Pipeline cybersecurity Darkside David Pekoske Department of Transportation GAO Government Accountability Office Leslie Gordon Nextgov ransomware Russia Senate Commerce Committee Transportation Security Agency TSA