Recently, the Transportation Security Agency (TSA) provided a brief to industry on the current status of efforts to improve pipeline cybersecurity. Initially, TSA published the Security Directives SD-1 and SD-2 which were applicable to the 100 pipeline operators identified as “Critical”. Responses to the TSA indicate that over 300 cyberattack incidents have been recognized by these 100 operators since this initial directive was published. The TSA noted that the response to their requests has been completed in full, and that TSA and CISA continue to work together to analyze the reports received by operators on cyberattacks in accordance with SD-1. The agencies continue to emphasize continued vigilance and efforts towards a secure cyber presence.
TSA recently issued SD-2, which provides for enhanced cybersecurity requirements for operators who have been identified as “critical.” TSA urges all operators, whether they have been identified or not, to follow the TSA pipeline security guidelines and security directives and be proactive in hardening their cyber defenses.
The TSA has issued frequently asked questions (FAQ) guidance to the affected operators as a result of numerous requests for clarification of the requirements. Additionally, they are in the process of developing inspection protocols through a selective inspection effort, wherein operators will meet with TSA and CISA personnel to evaluate the initial response efforts and actions being taken to mitigate cybersecurity threats. The TSA will continue to update the directives, FAQ’s and promulgate guidance as new information is received.