September 25, 2021

Volume XI, Number 268

Advertisement

September 24, 2021

Subscribe to Latest Legal News and Analysis

September 23, 2021

Subscribe to Latest Legal News and Analysis

September 22, 2021

Subscribe to Latest Legal News and Analysis

U.S. Department of Homeland Security Announces Additional Pipeline Cybersecurity Directive

On July 20, 2021, the U.S. Department of Homeland Security’s (“DHS’s”) Transportation Security Administration (“TSA”) announced a new Security Directive (the “Second Directive”) requiring owners and operators of certain critical pipelines transporting hazardous liquids and natural gas to implement specific cybersecurity measures. This Second Directive builds on the TSA’s earlier directive of May 27, 2021, on which we previously reported.

The Second Directive requires TSA-designated critical pipelines to:

  • implement specific mitigation measures to protect against ransomware and other threats to information technology and operational technology systems;

  • develop and implement a cybersecurity contingency and recovery plan; and

  • conduct a cybersecurity architecture design review.

According to the announcement, DHS’s Cybersecurity and Infrastructure Security Agency (“CISA”) advised the TSA on cybersecurity threats facing the pipeline industry and relevant technical countermeasures. In connection with the announced requirements, Secretary of Homeland Security Alejandro N. Mayorkas noted, “Public-private partnerships are critical to the security of every community across our country and DHS will continue working closely with our private sector partners to support their operations and increase their cybersecurity resilience.”

 

Copyright © 2021, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XI, Number 215
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement
Advertisement