U.S. Transportation Security Administration (TSA) Security Incident

July 27, 2023 788 days ago Resolved

Incident Overview

Situation Description

The U.S. Transportation Security Administration (TSA) updated its Security Directive to mandate cybersecurity measures for oil and natural gas pipeline operators to prevent disruptions.

Event Types

Regulatory Enforcement Proactive Security Initiative

Industry Sector

Energy

Geographic Scope

National (US)

Response Actions

Revised Incident Response Plan Enhanced Third-Party & Supply Chain Risk Management

Impact Analysis

Event Types (2 identified)

Regulatory Enforcement Proactive Security Initiative

Financial Impact

$0 USD

Records Affected

Data Types Compromised

N/A

Primary Impacts

Operational Disruption

Key Decisions Made

Mandate TSA-specified owners/operators of pipeline and liquefied natural gas facilities to implement cybersecurity measures.; Require owners/operators to enhance cyber resilience through the implementation of a TSA-approved Cybersecurity Implementation Plan (CIP).; Require owners/operators to develop and maintain an up-to-date cybersecurity incident response plan (CIRP) and test at least two CIRP objectives annually.

Technical Analysis

Attack Method

Unknown

Additional Information

Analysis Attacks and Vulnerabilities CISA Critical infrastructure News Regulation, Standards and Compliance Transportation Vulnerabilities TSA Security Directive addresses OT cybersecurity, as it adopts performance-based rules for pipeline operators July 27, 2023 In the wake of ongoing cybersecurity threats to pipeline systems, the U.S. Transportation Security Administration (TSA) updated on Wednesday its Security Directive regarding oil and natural gas pipeline cybersecurity, in its continued effort to reinforce cybersecurity preparedness and resilience for the nations critical pipelines. The agency uses this Security Directive to mandate TSA-specified owners/operators of pipeline and liquefied natural gas facilities to implement cybersecurity measures, in order to prevent disruption and degradation to their infrastructure. The latest requirements, Security Directive Pipeline-2021-02D, are a continuation of the SD Pipeline-2021-02 series that cancels and supersedes SD Pipeline-2021-02C, issued last July. The document continues to require performance-based regulatory cybersecurity measures first issued by TSA on July 26, 2021, under the Security Directive Pipeline-2021-02 series. It has been developed with input from industry stakeholders and federal partners, including the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Transportation (DoT), following the initial directive announced in July 2021, issued after the Colonial Pipeline attack , and renewed in July 2022. The TSA specified that these cybersecurity measures expire on July 27, 2024. The goal of this Security Directive is to reduce the risk that cybersecurity threats pose to critical pipeline systems and facilities by implementing layered cybersecurity measures that demonstrate a defense-in-depth approach against such threats, the TSA disclosed. Recent and evolving intelligence emphasizes the growing sophistication of nefarious persons, organizations, and governments,...

... (truncated for display)

Quick Facts

Company:: U.S. Transportation Security Administration (TSA)
Date:: July 27, 2023
Status:: Resolved
Decision Maker:: TSA
Position:: nan
Published:: 27/07/2023

Source Information

Original Query

TSA pipeline security directive implementation audit reports post-Colonial attack

View Original Source

Timeline

Information Published

27/07/2023

Incident Occurred

July 27, 2023 (788 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats