Department of Homeland Security Announces Pipeline Cybersecurity Policy
On May 27, 2021, the US Department of Homeland Security’s Transportation Security Administration (“TSA”) announced a security policy (“Policy”) that will impose new cybersecurity requirements on critical pipeline owners and operators.
According to the directive, owners and operators of critical pipelines must:
- Report confirmed and potential cybersecurity incidents to DHS Cybersecurity and Infrastructure Security Agency (“CISA”);
- Appoint a cybersecurity coordinator who is available 24/7; and
- Review current practices to identify gaps and remedial actions related to cyber risk and report the results to the TSA and CISA within 30 days.
According to the DHS announcement, the TSA is also considering additional follow-up commitments and cybersecurity measures in the pipeline industry. As we previously reported, President Biden signed an Executive Order on May 12, 2021 designed to improve cybersecurity in the United States and protect federal government networks.