The US is Enhancing its Critical Infrastructure Cybersecurity


This post is also available in: עברית (Hebrew)

In the wake of a string of ransomware attacks, mainly the one on Colonial Pipeline fuel pipeline company that demonstrated massive vulnerabilities within U.S. infrastructure, the United States Transportation Security Administration (TSA) issued a new Security Directive that requires owners and operators of critical pipelines to roll out urgent cyber protections.

The new Directive requires critical pipeline companies to use CISAgov best practices to shore up their cybersecurity.

The demand will apply to any hazardous liquid or natural gas transporting pipelines the TSA has deemed critical. 

This is TSA’s second directive this year, building on a rushed order from May that required pipeline owners and operators to report confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA), designate a Cybersecurity Coordinator, review current practices and identify gaps and measures to patch cyber-related risks.

CISA, as a fellow part of the Department of Homeland Security, advised TSA on cybersecurity threats to the pipeline industry and technical countermeasures needed to prevent such threats for the creation of this directive, according to 

The June 2021 cyber attack on Colonial Pipelines, the largest fuel pipeline in the U.S., resulted in shortages across the East Coast.