"US to Regulate Pipeline Cybersecurity"

The United States Department of Homeland Security (DHS) is to issue its first-ever set of cybersecurity regulations for pipelines.  The news comes in the wake of a recent ransomware attack on the Colonial Pipeline that knocked operational systems offline for five days, triggering panic buying that led to fuel shortages in the Southeast. A senior DHS official has stated that a security directive will be issued this week requiring pipeline companies to report cybersecurity incidents to federal authorities. The directive will come from the Transportation Security Administration, a DHS unit.  This directive will be followed by a meatier set of regulations in a couple of weeks. These rules are expected to layout in more detail what pipeline operators must do to protect their systems from cyberattacks.  Post-breach behavior will also be regulated, with companies who succumb to a cyberattack ordered to adhere to a set of best practices.  These mandatory regulations will replace the voluntary cybersecurity guidelines issued previously by the DHS.

Infosecurity reports: "US to Regulate Pipeline Cybersecurity"