USA: DHS announces Security Directive for critical pipeline sector
The U.S. Department of Homeland and Security ('DHS') announced, on 27 May 2021, the New Cybersecurity Requirements ('Security Directive') for critical pipeline owners and operators that will enable the department to better identify, protect against, and respond to threats to critical companies in the pipeline sector.
In particular, the Security Directive will require critical pipeline owners and operators to implement some security measures, such as:
- reporting confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency ('CISA');
- designating a cybersecurity coordinator, to be available 24 hours a day, seven days a week;
- reviewing their current practices; and
- identifying any gaps and related remediation measures to address cyber-related risks and report the results to DHS and CISA within 30 days.
You can read the press release here.