Ransomware, Critical Infrastructure Security, Threat Management

Updated pipeline cybersecurity requirements issued

Major pipeline operators across the U.S. have been given updated cybersecurity requirements under the revised Transportation Security Administration directive, which had been deemed impractical in its initial release following a major ransomware attack against Colonial Pipeline last year, reports CNN. Some pipeline operators will be mandated under the new directive to keep security controls enabling the continued operation of industrial equipment in the event of an IT system hack, while incident response plans detailing major cyberattack recovery will also be required. "Our goal was to improve the standards to make it even more secure going forward because this threat is very real [and] has significant impacts across the country," said TSA Administrator David Pekoske. Pekoske also noted that the attack on Colonial Pipeline has served as a wake-up call for critical infrastructure entities to bolster their cybersecurity posture. The U.S. government has also been spurred into action by the incident. "The reality is that [ransomware] never received the attention it deserved [from the broader public] until post-Colonial," noted FBI Cyber Division Assistant Director Bryan Vorndran.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.