Blog Cybersecurity Advice for Programmatic Guidance — Responding to the Latest Security Directive for Pipeline Operators
By Insight Editor / 20 Sep 2021
By Insight Editor / 20 Sep 2021
In recent months, the Department of Homeland Security (DHS) issued new security requirements for critical pipeline owners and operators.
The Secretary of Homeland Security has stated that “the lives and livelihoods of the American people depend on our collective ability to protect our Nation’s critical infrastructure from evolving threats.”1
Pipeline owners and operators of critical pipelines (designated as such by the Transportation Security Administration (TSA)) are now required to implement specific risk mitigation measures, have in place a contingency and recovery plan, and conduct a review of existing cybersecurity architecture.
The directive is a clear response to mounting security threats. Ransomware, malware, phishing attacks and other cybercriminal activity has increased exponentially since early 2020, when many workforces went remote.
Ransomware attacks were up by 150% in 2020 over the previous year,2 while the amount paid by victims of these attacks increased by more than 300%.3
When cyberattacks are successful, organizations often suffer massive consequences — but so do their customers, partners and many, many others who feel the impacts of a business shutdown when operations must cease in order to remediate.
Consider the potential impacts across industries:
And, of course, the list could go on and on.
This simply illustrates that while oil and gas pipeline companies are directly impacted by this recent DHS mandate, all businesses need to be thinking about how to secure infrastructure.
You can also download this critical infrastructure security checklist to help your organization evaluate your current security posture and take a proactive approach to protection and compliance.
Groups like Insight regularly help businesses transform the security operations center, modernize processes and tool sets, manage security needs on a 24/7 basis, strengthen data protection infrastructure, and mitigate and respond to threats like ransomware.
It’s important to remember — you’re not alone. Whether you need to conform to the latest security directives as a pipeline operator or are looking to bolster your security profile in light of today’s threatscape, our experts are here for you.
Learn more about our security practice here.
Sources:
1 Department of Homeland Security. (2021, July 20). DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators.
2 Muncaster, P. (2021, Mar. 4). Ransomware Attacks Soared 150% in 2020. InfosecurityMagazine.com.
3 Institute for Security and Technology. (2021.). Combating Ransomware: A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force.