TSA working on additional security regulations following Colonial Pipeline hack

The Transportation Security Administration (TSA) is working on an additional cybersecurity directive for pipeline companies in the wake of the ransomware attack on Colonial Pipeline.

“We are continuing to develop additional measures for pipeline companies, and we are developing now a second security directive which would have the force of a regulation,” Sonya Proctor, the assistant administrator for Surface Operations at TSA, testified during a hearing held by two House Homeland Security Committee subcommittees on Tuesday.

The new directive will be the second issued by TSA, with the agency rolling out a directive last month that required pipeline owners and operators to report cybersecurity incidents within 12 hours of discovery to the Cybersecurity and Infrastructure Security Agency (CISA). It also increased coordination between pipeline owners and both CISA and TSA.

Both directives are being put together by TSA in the wake of the ransomware attack on Colonial Pipeline last month. The company provides 45 percent of the East Coast’s fuel supply, and major gas shortages were seen in several states when Colonial was forced to shut down the entire pipeline for nearly a week to protect operational controls from attack.