Following the ransomware attack on Colonial Pipeline, the Department of Homeland Security (DHS) has recently announced new requirements aiming to better detect and defend against cyber threats.
Indeed, it was reported that the owners and operators of critical pipeline facilities will have to report both confirmed and potential cybersecurity incidents to DHS’ Cybersecurity and Infrastructure Security Agency (CISA). Pipeline operators will also have to select someone to be a cybersecurity coordinator, available 24/7.
Furthermore, pipeline owners and operators will have to review their current cybersecurity practices, identify gaps, and detail measures required to prevent any risks, and submit these findings to the TSA and CISA within the next 30 days.
The TSA is implementing these measures so that the pipeline industry is prepared in case of a cyberattack. To accompany this initiative, CISA will also host a Cyber Resource Hub with details on potential threats and recommendations for organizations on how to defend themselves against ransomware attacks.