The Department of Homeland Security (DHS) is to issue its first cyber security regulations for the pipeline industry.
In an effort to prevent a repeat of the recent cyber attack against the Colonial pipeline, which crippled nearly half of the East Coast’s fuel supply this month - The Transportation Security Administration, a DHS unit, will issue a security directive requiring pipeline companies to report cyber security incidents to federal authorities.
The directive will be followed by a more robust set of rules on how pipeline compnanies must safeguard their systems against cyber attacks and the steps to take if they are hacked.
Companies who become a victim to a cyber attack will be required to adhere to a set of best practices.
Voluntary cyber security guidelines previously issued by the DHS will be replaced with these mandatory regulations.
“This is a first step, and the department views it as a first step, and it will be followed by a much more robust directive that puts in place meaningful requirements that are meant to be durable and flexible as technology changes,” said a senior DHS official to The Washington Post.
The new rules are expected in the coming weeks.