APT & Targeted Attacks
Homeland Security Releases New Cybersecurity Rules
DHS's second issue requires pipeline operators to implement various cybersecurity measures to protect their operations from cyber attacks. This directive also builds upon the department's May directive following the Colonial Pipeline attack.
Last July 20, 2021, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) released its second security directive, requiring the owners and operators of TSA-designated critical pipelines to implement various protection against cyber attacks.
According to Alejandro N. Mayorkas, Secretary of Homeland Security, through the directive the DHS can better ensure that the pipeline sector takes the much-needed steps to protect its operations against cyber threats.
“Public-private partnerships are critical to the security of every community across our country and DHS will continue working closely with our private sector partners to support their operations and increase their cybersecurity resilience,” Mayorkas added.
This is the second directive the TSA issued to the pipeline sector this 2021, building on the initial Security Directive released on May 2021 following the ransomware attack on Colonial Pipeline by DarkSide.
The second directive requires critical pipeline owners and operators to implement specific mitigation measures to protect against ransomware attacks and other threats to IT and OT systems. It also requires owners and operators to develop and implement a cybersecurity contingency and recovery plan as well as to conduct a cybersecurity architecture design review.
On the other hand, the May directive requires owners and operators to report confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA), assign a cybersecurity coordinator available 24/7, review current practices, and determine any gaps related to remediation measures, addressing cyber-related risks and report the results to TSA and CISA.
Aside from the new directives, it is also pertinent for pipeline operators and owners to keep up-to-date with the latest threats and risks related to smart factories.
Stakeholders must grasp their factory’s current situation, set goals, and identify ways to fill such goals alongside their current skills gap. Moreover, best practices must be considered and implemented to keep operations running.
To learn more about protecting smart factories, check out the following forward-looking research by Trend Micro: