GAO: TSA Launches Efforts to Address Weaknesses Related to Pipeline Cybersecurity

GAO: TSA Launches Efforts to Address Weaknesses Related to Pipeline Cybersecurity
Pipeline Security

The Government Accountability Office (GAO) made 15 recommendations for the Transportation Security Administration (TSA) to deal with weaknesses concerning its oversight of U.S. pipeline systems and found that TSA has addressed most of them, such as enhancing monitoring of security review performance, clarifying parts of its Pipeline Security Guidelines and evaluating staffing needs.

TSA has yet to fully address two previously identified weaknesses associated with pipeline cybersecurity as of June 2021 and those are incomplete information for pipeline risk assessments and failure to update protocols for responding to pipeline security incidents, GAO said in a report published Tuesday.

The congressional watchdog said TSA issued this July a cybersecurity directive requiring pipeline operators and owners to carry out cyber architecture design review annually, come up with a cybersecurity contingency response plan and implement cyber mitigation measures, among others.

“TSA officials told GAO that a timely update to address current cyber threats is appropriate and that they anticipate updating the Guidelines over the next year,” the report reads.

Supply Chain Cybersecurity: Revelations and Innovations

ExecutiveBiz, sister site of GovConDaily and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.

You may also be interested in...

Cybersecurity

DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.