Trend Micro -
Last July 20, 2021, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) released its second security directive, requiring the owners and operators of TSA-designated critical pipelines to implement various protection against cyber attacks.
According to Alejandro N. Mayorkas, Secretary of Homeland Security, through the directive the DHS can better ensure that the pipeline sector takes the much-needed steps to protect its operations against cyber threats.
“Public-private partnerships are critical to the security of every community across our country and DHS will continue working closely with our private sector partners to support their operations and increase their cybersecurity resilience,” Mayorkas added.
This is the second directive the TSA issued to the pipeline sector this 2021, building on the initial Security Directive released on May 2021 following the ransomware attack on Colonial Pipeline by DarkSide.
The second directive requires critical pipeline owners and operators to implement specific mitigation measures to protect against ransomware attacks and other threats to IT and OT systems. It also requires owners and operators to develop and implement a cybersecurity contingency and recovery plan as well as to conduct a cybersecurity architecture design review.
On the other hand, the May directive requires owners and operators to