Gadgets News

DHS will issue mandatory cybersecurity rules for pipeline companies

After the Colonial Pipeline ransomware attack which has led to fuel shortages in parts of the United States, the federal government plans to impose for the first time mandatory cybersecurity regulation on the pipeline industry. According to In the Wall Street Journal, the Department of Homeland Security and the Transportation Security Administration (the same TSA that decides whether you can board a plane or not) will soon need leads to alert federal authorities when they are victims of piracy.

They must inform both the TSA and the Cyber ​​and Infrastructure Security Agency (CISA) of any incident and employ a cybersecurity officer with a 24/7 hotline to those units. They will also test their systems for vulnerabilities. According to In the Washington Post, the TSA will issue “more robust” rules detailing how pipeline companies should secure their networks and respond to hackers “in the coming weeks”.

“This is a first step, and the department sees it as a first step, and it will be followed by a much more robust directive that implements significant requirements that are intended to be durable and flexible as technology changes,” he said. a Department of L’said the official of the Fatherland In the Washington Post.

The security of the pipelines fell under the jurisdiction of the TSA in 2002 as a by-product of the terrorist attacks of September 11, 2001. For the most part, the agency focused its attention on protection of pipelines from physical threats such as terrorist attacks. It only issued its first set of cybersecurity guidelines in 2010, and even then, those were only voluntary. It is not uncommon in the United States. Most of the industries that monitor critical infrastructure, including projects such as dams, do not have mandatory standards that are required to be respected by the government. President Biden recently did signed an executive order which has touched on some of these issues.

Where things get complicated is that cybersecurity is not necessarily a force for the TSA. In 2019, the agency said it had only five employees trained to handle cybersecurity and enforcement audits. The Department of Homeland Security plans to employ more personnel in both TSA and CISA and assign the two units to work together on enforcement.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, you can earn an affiliate commission.

Source link

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button