Due to the ongoing cybersecurity threat to pipeline systems and associated infrastructure, the Department of Homeland Security (DHS) has issued the first cybersecurity regulation for the pipeline sector. The regulation aims to better identify, protect against, and respond to threats to critical companies.
The cybersecurity landscape is constantly evolving therefore public and private sectors must adapt to address new and emerging threats. As reported by OpenGov Asia, the recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to homeland security. Colonial Pipeline shut down all pipeline operations after it was hacked by a cyber-criminal gang.
The incident also highlights the increasing risk ransomware is posing to critical national industrial infrastructure, not just businesses. It also marks the rise of an insidious criminal IT ecosystem worth tens of millions of pounds. It is unlike anything the cyber-security industry has ever seen before. To deal with the threat, DHS will continue to work closely with their private sector partners to support its operations and increase the resilience of the nation’s critical infrastructure.
The Security Directive will require critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency (CISA) and to designate a Cybersecurity Coordinator, to be available 24 hours a day, seven days a week. It will also require critical pipeline owners and operators to review their current practices as well as to identify any gaps and related remediation measures to address cyber-related risks and report the results to TSA and CISA within 30 days.
DHS’s Transportation Security Administration (TSA) is also considering follow-on mandatory measures that will further support the pipeline industry in enhancing its cybersecurity and that strengthen the public-private partnership so critical to the cybersecurity of their homeland.
Since 2001, TSA has worked closely with pipeline owners and operators as well as its partners across the federal government to enhance the physical security preparedness of U.S. hazardous liquid and natural gas pipeline systems. As the nation’s lead agency for protecting critical infrastructure against cybersecurity threats, CISA provides cybersecurity resources to mitigate potential risks, including through a dedicated hub that disseminates information to organisations, communities, and individuals about how to better protect against ransomware attacks.
This new TSA Security Directive also highlights the critical role that CISA plays as the country’s national cyber defence centre. Last December, Congress, through the National Defense Authorisation Act, empowered CISA to execute its mission to secure federal civilian government networks and the nation’s critical infrastructure from physical and cyber threats.
As reported by OpenGov Asia, the regulation is also part of the Biden administration’s efforts to bolster security for national infrastructure after persistent and increasingly sophisticated malicious cyberattacks. These attacks threaten the public sector, the private sector, and ultimately the American people’s security and privacy. The federal government also seeks to carefully examine what occurred during any major cyber incident and apply lessons learned.
The U.S. President has issued a policy that states that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security. The government must lead by example. All federal information systems should meet or exceed the standards and requirements for cybersecurity outlined in and issued according to this order.
However, cybersecurity requires more than government action. Protecting the U.S. from malicious cyber actors requires the government to partner with the private sector. The private sector must adapt to the continuously changing threat environment and ensure its products are built and operate securely, and partner with the government to foster more secure cyberspace. The digital infrastructure should be trustworthy and transparent so that people will trust the infrastructure.