Since our previous Regulatory Update entitled “Federal Regulatory Response to Colonial Pipeline Ransomware Attack Is Starting,” the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) formally issued its previously announced Security Directive Pipeline-2021-01 on May 28, 2021. The provisions of this directive are applicable to the TSA-identified 100 most critical pipeline companies.
The TSA directive provides details on reporting requirements and associated deadlines for the applicable pipeline companies, which are highlighted below:
As stated in our previous Regulatory Update, it is expected that TSA will issue proposed cybersecurity standards/requirements in the coming weeks.
The TSA Security Directive Pipeline-2021-01 is available here.
June 2, 2021