18 C
Hamburg
Thursday, June 5, 2025
Home News TSA revises and reissues cybersecurity requirements for pipeline owners and operators

TSA revises and reissues cybersecurity requirements for pipeline owners and operators

The United States government body, Transportation Security Administration (TSA) has announced that it is revising and reissuing its Security Directive on oil and natural gas pipeline cyber security.

This directive will continue the effort to build cybersecurity resilience for the pipelines, according to a statement.

The directive extends the cybersecurity requirements for another year (starting from last July) and focuses on non-binding performance-based measures so that there are critical cyber results.

“TSA is committed to keeping the nation’s transportation systems safe from cyberattacks. This revised security directive follows significant collaboration between TSA and the oil and natural gas pipeline industry. The directive establishes a new model that accommodates variance in systems and operations to meet our security requirements,” said TSA administrator David Pekoske.

“We recognise that every company is different, and we have developed an approach that accommodates that fact, supported by continuous monitoring and auditing to assess achievement of the needed cybersecurity outcomes. We will continue working with our partners in the transportation sector to increase cybersecurity resilience throughout the system and acknowledge the significant work over the past year to protect this critical infrastructure,” he added.

It is important to note that May 2021 ransomware attack on a major pipeline had TSA to issue several security directives requiring that owners and operators of critical pipelines implement several urgently needed cybersecurity measures.

TSA intends to initiate the formal rulemaking process, which will provide an opportunity for public comments to be submitted and considered.

The security directive requires owners and operators of TSA-specified pipeline and LNG facilities to take action to achieve the following safety outcomes:

  1. Develop network segmentation policies and controls
  2. Establish access control measures to secure and prevent unauthorized access to critical cyber systems
  3. Build continuous monitoring and detection policies and procedures to identify cyber security threats and correct related anomalies
  4. Reduce the risk of exploiting unpatched systems by applying security patches and updates for operating systems, applications, drivers and firmware

Pipeline owners and operators must:

  1. Establish and execute a TSA-approved Cybersecurity Implementation Plan that outlines specific cybersecurity measures
  2. Develop and maintain a Cyber ​​Security Incident Response Plan
  3. Create a Cybersecurity Assessment Program to review the effectiveness of cybersecurity measures and identify and resolve vulnerabilities in devices, networks and systems proactively and regularly

Added to these requirements is the previously established requirement to report significant cyber security incidents to CISA, establish a cyber security contact point and conduct an annual cyber vulnerability assessment.





Latest Posts

Hapag-Lloyd applies GRI on Pakistan–Middle East trade lanes

Hapag-Lloyd has announced a General Rate Increase (GRI) from Pakistan to the Arabian Gulf, Saudi Arabia (Eastern and Western Provinces), Jordan and Yemen, and...

Wan Hai Lines debuts new Vietnam–Thailand–India direct route

Wan Hai Lines has announced a new direct service, the Tamil Nadu–Thailand Express (TTX) service, with the first vessel arriving at India's Chennai and...

Red Sea Eases, but Carriers Wary as Suez Canal Pushes for Return

As the haze begins to lift over the troubled waters of the Red Sea, the Suez Canal Authority (SCA) is carefully balancing reassurance with...

MSC and ZIM downsize joint Far East-US East Coast service network

In response to the recent changes in demand for cargo transport from Asia to the United States, MSC and ZIM have decided to adjust...

US sanctions target Iran-China oil trade, stirring waves across global shipping

As Washington ramps up its campaign to stifle Iranian oil revenues, a new chapter is unfolding in the ongoing tensions between the United States,...
error: Content is protected !!