The Transportation Security Administration (TSA) has instructed owners and operators of U.S. pipeline systems to submit reports about any potential and confirmed breaches to the Cybersecurity and Infrastructure Security Agency (CISA).
TSA said companies that maintain critical pipelines should appoint a cybersecurity coordinator, develop risk management approaches and conduct audits within a 30-day period under a directive the agency issued Thursday.
The order is part of efforts by the Department of Homeland Security (DHS) to help the sector respond to cyber threats, following the May 7th Colonial Pipeline hack.
“The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security,” said Alejandro Mayorkas, DHS secretary and 2021 Wash100 Award recipient.
He added that DHS intends to continue working with the private sector in critical infrastructure protection efforts. Bloomberg reported Thursday operators could face a $7,000 fine per day if they fail to report cybersecurity incidents to the department.
President Biden signed an executive order May 13th directing federal agencies to prioritize the implementation of security best practices, cloud computing services and zero trust architectures.