Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
208865 ZDNET 2021-5-27:
DHS releases new cybersecurity guidelines for pipelines after Colonial attack
1.000 Find similar Compare side-by-side
208858 TECHREPUBLIC 2021-5-27:
Homeland Security unveils new cybersecurity requirements for pipeline operators
0.959 0.635 Find similar Compare side-by-side
208470 THEVERGE 2021-5-25:
Government decides pipeline companies should actually have cybersecurity regulations
0.113 0.587 Find similar Compare side-by-side
208616 TECHREPUBLIC 2021-5-24:
Biden executive order bets big on zero trust for the future of US cybersecurity
0.491 Find similar Compare side-by-side
208684 ZDNET 2021-5-24:
An NTSB for cyber attacks? Critics grapple with Biden's Cybersecurity Safety Review Board plan
0.485 Find similar Compare side-by-side
209118 ZDNET 2021-5-31:
Microsoft wants to unite APAC governments with cybersecurity council
0.449 Find similar Compare side-by-side
208636 TECHREPUBLIC 2021-5-25:
Shift left security is helpful, but one expert says it's not enough
0.005 0.439 Find similar Compare side-by-side
208873 TECHREPUBLIC 2021-5-26:
Is it really the Wild West in cybercrime? Why we need to re-examine our approach to ransomware
0.019 0.429 Find similar Compare side-by-side
208904 ZDNET 2021-5-27:
Colonial Pipeline attack used to justify Australia's Critical Infrastructure Bill
0.605 0.400 Find similar Compare side-by-side
208566 TECHREPUBLIC 2021-5-25:
Expert: Biden's executive order on cybersecurity is a good start toward protecting organizations
0.393 Find similar Compare side-by-side
208920 ZDNET 2021-5-27:
DHS chooses AT&T for telecommunications infrastructure modernization project
0.393 Find similar Compare side-by-side
208770 TECHREPUBLIC 2021-5-27:
Debunking infosec purity and other security myths in the wake of recent attacks
0.019 0.393 Find similar Compare side-by-side
208607 TECHREPUBLIC 2021-5-24:
The Colonial Pipeline cyberattack is a (another) call for zero trust and resilience in industrial companies
0.379 Find similar Compare side-by-side
208618 ZDNET 2021-5-25:
Ransomware attack on Bose exposes employee SSNs and financial information
0.356 Find similar Compare side-by-side
208413 ZDNET 2021-5-25:
Ransomware: Two-thirds of organisations say they'll take action to boost their defences
0.356 Find similar Compare side-by-side
208890 ZDNET 2021-5-27:
Various Japanese government entities had data stolen in cyber attack: Report
0.352 Find similar Compare side-by-side
208654 TECHREPUBLIC 2021-5-24:
FBI warns of Conti ransomware attacks against healthcare organizations
0.349 Find similar Compare side-by-side
208705 ZDNET 2021-5-25:
Not as complex as we thought: Cyberattacks on operational technology are on the rise
0.349 Find similar Compare side-by-side
208443 VENTUREBEAT 2021-5-24:
ServiceNow taps Microsoft data to enhance security
0.348 Find similar Compare side-by-side
208495 VENTUREBEAT 2021-5-25:
5 really exciting tech roles open for applicants right now
0.002 0.340 Find similar Compare side-by-side
208818 VENTUREBEAT 2021-5-27:
Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021
0.002 0.335 Find similar Compare side-by-side
208631 VENTUREBEAT 2021-5-26:
Cybersecurity monitoring and threat prevention startup Uptycs raises $50M
0.334 Find similar Compare side-by-side
208808 TECHREPUBLIC 2021-5-28:
SolarWinds hackers resurface to attack government agencies and think tanks
0.333 Find similar Compare side-by-side
208753 ZDNET 2021-5-28:
Researchers find four new malware tools created to exploit Pulse Secure VPN appliances
0.332 Find similar Compare side-by-side
208538 ZDNET 2021-5-26:
Ransomware: Dramatic increase in attacks is causing harm on a significant scale
0.327 Find similar Compare side-by-side

1

ID: 208865

URL: https://www.zdnet.com/article/dhs-releases-new-cybersecurity-guidelines-for-pipelines-after-colonial-attack/

Date: 2021-05-27

DHS releases new cybersecurity guidelines for pipelines after Colonial attack

The new rules will force pipeline operators to report any cybersecurity incidents to CISA and hire cybersecurity coordinators who can be on call 24/7. The Department of Homeland Security's Transportation Security Administration released new cybersecurity guidelines for pipeline owners and operators following the ransomware attack on the Colonial Pipeline that left thousands of people in the US scrambling for gas for about a week. Colonial has faced backlash in recent weeks for how they responded to the attack and for admitting they paid the attackers almost $5 million for tools to restore their systems. The tools they got in return did not help, and the federal government had to step in to help the company get back online as gas prices on the East Coast spiked.  New report: DHS is a mess of cybersecurity incompetence A large, embarrassing, and alarming Federal oversight report finds major problems and grave shortcomings with Department of Homeland Security cybersecurity programs and practices which are "unlikely to protect us". Read More The new DHS directive, which was first reported by The Washington Post earlier this week, forces pipeline owners to report any cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency and requires all pipelines to have a Cybersecurity Coordinator who can be on call 24/7.  All pipeline operators will also have to send CISA and TSA a report in 30 days about "their current practices as well as to identify any gaps and related remediation measures." In addition to the new measures, TSA is considering other mandatory measures for pipelines and in a statement, DHS said the security directive would allow them to "better identify, protect against, and respond to threats" directed at the country's pipelines.  Secretary of Homeland Security Alejandro Mayorkas said the department had no choice but to adapt to the "new and emerging threats" that continue to evolve.  "The recent ransomware attack on a major petroleum pipeline demonstrates that the cybersecurity of pipeline systems is critical to our homeland security," Mayorkas said. "DHS will continue to work closely with our private sector partners to support their operations and increase the resilience of our nation's critical infrastructure." The Washington Post noted that the attack on Colonial caused the pipeline to shut down for 11 days and left federal officials shellshocked considering the devastating effects to the airline, transit and chemical industries if the shutdown went on for much longer. The first set of cybersecurity guidelines for pipelines were issued in 2010 and updated in 2018 by TSA but have faced backlash for being voluntary and lackluster considering the evolution of cyberattack capabilities.  If any of the new regulations are violated, pipelines will face financial penalties, according to DHS officials who spoke to The Washington Post.   The US currently has more than 3,000 pipeline companies managing nearly three million miles of pipeline in the country. The government has faced criticism in Congress and from pipeline operators for having a TSA office staffed with just six people watching the cybersecurity of all oil and gas pipelines.  There has also been significant debate over which government agency would be better suited to protecting the cybersecurity of the country's pipelines, with some in the House Energy and Commerce Committee arguing that the Energy Department is more experienced in the field than TSA.  Cybersecurity experts had mixed responses to the new regulations. Some said they did not do enough to force pipeline operators to take cybersecurity seriously while others worried that the burden was being put on victims to protect themselves.  Jim Gogolinski, vice president at iboss, said the directive is likely being modeled after the existing NERC CIP standards that are designed to prevent and mitigate attacks against critical electrical infrastructure.  "Reporting is obviously a key part of that but so are security protocols, system management, and personnel training. The NERC CIP standards are followed closely because fines for not complying can reach as high as $1 million per day per violation," Gogolinski said. "If the new pipeline directive includes similar fines, we would expect to see swift efforts by the industry to come into compliance." Nozomi Networks CEO Edgard Capdevielle said his company works with oil and gas enterprises around the world and noted that like most critical infrastructure sectors in the US, the oil and gas industry did not have mandatory cyber standards until now.  The mandatory breach reporting requirement would allow for more collaboration between pipeline operators, security vendors and the government, Capdevielle said, adding that an open approach to information sharing will play a big part in building a more mature cyber defensc. "The distributed nature of the oil and gas sector makes this extra challenging. It requires many different forms of connectivity and can be more difficult to secure. These environments are distributed and physically remote," Capdevielle said.   "No two operators are alike in terms of the exact processes and systems they're using, which makes it harder to establish one set of cybersecurity requirements that will work effectively for all. While there's a place for regulated security requirements, we need to be careful not to put all the burden on the victims. Tax incentives and government-funded centers of excellence will help ensure critical infrastructure operators can build and maintain effective cybersecurity programs over time. "  Other experts, like Coalfire cyber executive Joseph Neumann, were far less excited about the new rules, telling ZDNet that regulations "have never helped a company improve its security posture. "  The mandatory reporting requirements does not help the industry or anyone in any way, he said, explaining that mandatory external audits and security assessments would be better requirements to force companies to improve their overall security.  "The power generation sectors like this frequently lag behind in security posture with ageing infrastructure and legacy systems that have been in place for decades. These organizations over the years have slowly blended their corporate and Operational Technology networks together creating a nasty opportunity for bad things to occur as we have seen in the Colonial Pipeline incident," Neumann said.  "The Federal Government itself is struggling to keep its systems secure as seen from the recent SolarWinds breaches and rush mitigations pushed down by the Department of Homeland Security." John Bambenek, the threat intelligence advisor at Netenrich, said that while the mandatory notification rule will get the most press, the protective regulations are far more important. "The facts are, we have thousands of pages of policies, regulations, and studies on security for the federal government and they still get breached," Bambenek said. "A regulatory approach based on preventing the last incident is always going to be lacking in terms of preventing future incidents."