TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware
The Transportation Security Administration on Tuesday handed down additional cybersecurity requirements for owners of major pipelines, this time focused on ransomware. It’s the second time the Department of Homeland Security’s TSA has issued a security directive to critical pipeline owners since ransomware attackers struck Colonial Pipeline in May, an incident that spurred panic-buying amid fears of a gas shortage. The specific requirements of the directive were not immediately clear. “This Security Directive requires owners and operators of TSA-designated critical pipelines to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review,” a DHS statement reads. The same month of the Colonial Pipeline attack, TSA threatened to fine certain pipeline owners — an estimated 100 companies — if they failed to meet cybersecurity guidelines. TSA […]
The post TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware appeared first on CyberScoop.