The Transportation Security Administration (TSA) is working on an additional cybersecurity directive for pipeline companies in the wake of the ransomware attack on Colonial Pipeline.
“We are continuing to develop additional measures for pipeline companies, and we are developing now a second security directive which would have the force of a regulation,” Sonya Proctor, the assistant administrator for Surface Operations at TSA, testified during a hearing held by two House Homeland Security Committee subcommittees on Tuesday.
The new directive will be the second issued by TSA, with the agency rolling out a directive last month that required pipeline owners and operators to report cybersecurity incidents within 12 hours of discovery to the Cybersecurity and Infrastructure Security Agency (CISA). It also increased coordination between pipeline owners and both CISA and TSA.
Proctor said Tuesday that the upcoming second directive would be classified as more sensitive in nature than the first directive due to “the nature of the mitigating measures that are going to be required.”
She noted that the directive “will require more specific mitigation measures, and it will ultimately include more specific requirements with regard to assessments,” and that TSA inspectors trained in both pipeline operations and cybersecurity will be tasked with ensuring pipeline companies adhere to both directives.
“As recently evidenced, cyber intrusions into pipeline computer networks have the potential to negatively impact our national security, economy, commerce, and wellbeing,” Proctor said as part of her prepared statement for the hearing. “For these reasons, TSA remains committed to securing our Nation’s pipelines against evolving and emerging risks.”
Both directives are being put together by TSA in the wake of the ransomware attack on Colonial Pipeline last month. The company provides 45 percent of the East Coast’s fuel supply, and major gas shortages were seen in several states when Colonial was forced to shut down the entire pipeline for nearly a week to protect operational…