TSA preps second pipeline cyber directive
The Transportation Security Administration told lawmakers on Tuesday that the agency is developing a second security directive focused on requirements for pipeline cybersecurity mitigation measures and that the agency has a cadre of inspectors ready to enforce those requirements.
Sonya Proctor, the assistant administrator for surface operations at TSA, told two subcommittees of the House Homeland Security Committee that the new directive will be a "security sensitive information" document and "will be rather prescriptive in terms of the mitigation measures required."
Proctor was testifying before House lawmakers alongside Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, about the effects of the ransomware attack against Colonial Pipeline.
A representative from the FBI was invited to testify at the hearing but declined to attend, according to Rep. Bonnie Watson Coleman (D-N.J.).
In the weeks following the May 7 attack, TSA issued a security directive mandating pipeline owners and operators to report "confirmed and potential" cybersecurity incidents to CISA as well as designate cybersecurity coordinators. The directive also requires pipeline owners to conduct self-assessments focused on the extent to which they are complying with existing voluntary standards.
Proctor's remarks on Tuesday were in response to a question from Coleman about how TSA will verify information companies report to the federal government and the consequences for misrepresenting themselves.
During previous hearings with Colonial Pipeline CEO Joseph Blount, lawmakers took issue with the company's lack of cooperation with TSA to conduct v ..
Support the originator by clicking the read the rest link below.