The TSA Is Formally Directing Pipeline Companies to Report Cybersecurity Incidents Within 12 Hours of Occurrence
The Transportation Security Administration (TSA) will formally issue a security directive Thursday to strengthen federal cybersecurity oversight of pipelines, weeks after a ransomware attack on Colonial Pipeline led to fuel shortages in multiple states.
The directive, set to be released two days after the The Washington Post first reported on its existence, will require pipeline companies to report cybersecurity incidents within 12 hours of them occurring to the Cybersecurity and Infrastructure Security Agency (CISA). Both CISA and TSA are part of the Department of Homeland Security (DHS).
The directive will also require pipelines owners and operators to designate an individual who is available 24/7 to coordinate with officials at both TSA and CISA in the event of a cyber incident, and for owners and operators to carry out assessments of existing cybersecurity practices to identify potential gaps and report their findings to TSA and CISA within 30 days.
