A new Security Directive (SD) issued by the Department of Homeland Security’s Transportation Safety Administration (TSA) on May 27, 2021, requires oil and gas pipeline operators to report all cyberattacks to the federal government. The SD follows a ransomware attack that forced the shutdown of the Colonial Pipeline which triggered panic-buying, pricing spikes, and regional shortages.

The directive focuses on three requirements to be completed by operators:TSA

  1. Report “confirmed and potential cybersecurity incidents” to the Cybersecurity and Infrastructure Security Agency (CISA).
  2. Designate a corporate Cybersecurity Coordinator, available 24/7.
  3. Review current practices and complete a vulnerability assessment, reporting the results to the TSA and CISA within 30 days of the effective date of the SD (or by May 28, 2021).

Previously, the TSA provided voluntary guidelines on cybersecurity for pipelines. This SD follows an executive order signed by President Biden on May 12 intending to strengthen the nation’s cybersecurity and federal networks.

For additional information on the CISA’s role in pipeline security, visit the Pipeline Cybersecurity Initiative website.