Colonial Pipeline CEO: Cybersecurity Mandates From TSA Might Help

The Transportation Security Administration is considering cybersecurity mandates for pipeline companies that would be helpful to the industry, the leader of a recent ransomware victim suggested.


“Certainly on a going forward basis, I think anything that can help industry, have better security practices, standards to follow would be extremely helpful, especially for the smaller companies that are, that are in other industries as well as my industry, less sophisticated,” Colonial Pipeline CEO Joseph Blount said.


Blount testified before the Senate Homeland Security and Governmental Affairs Committee Tuesday. His comment was in response to a question from Committee Ranking Member Rob Portman, R-Ohio, who asked whether TSA should build on requirements it issued at the end of last month following an attack that shuttered Colonial’s operations long enough to spur warnings against panic buying and price gouging and multiple state-of-emergency declarations on the East Coast.


Portman noted that while the TSA rules require incident reporting to the Cybersecurity and Infrastructure Security Agency and a report from companies on their alignment with currently voluntary guidelines, they do not describe specific rules for the industry.


Such rules could relate to basic cybersecurity practices such as using multifactor authentication, an identity validation mechanism that appears on practically every piece of mitigation advice CISA and other agencies provide in response to threats they’re seeing.


During the hearing, Blount confirmed previous reporting that the intruders were able to access the company’s network via a virtual private network where multifactor authentication was not installed. 


“Ranking member, in the case of this particular legacy VPN, it did only have single-factor ..
