Infrastructure cybersecurity must be context sensitive, expert says
A new security directive from the Transportation Security Administration that takes aim at identifying, protecting against and responding to threats to companies in the pipeline sector may unintentionally hinder the process, an expert said.
A response to the ransomware attack by Russian hacker group DarkSide on Colonial Pipeline that shut down a conduit that provides nearly half the East Coast’s fuel, the directive includes three main requirements. First, pipeline owners and operators will have to report confirmed and potential cybersecurity incidents to the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency. Second, they will need to designate a cybersecurity coordinator, who will be available around the clock. Third, owners and operators must review their current cybersecurity practices, identify any gaps and related remediation measures and report the results to TSA and CISA within 30 days.
…
