What TSA's New Cybersecurity Standards Mean For Pipelines
Data Privacy attorneys Shardul Desai and Marissa Serafino co-authored a Law360 article about new pipeline cybersecurity policies issued by the Transportation Security Administration (TSA). The mandatory cybersecurity rules on owners and operators of pipelines were largely issued in response to the Colonial Pipeline ransomware attack. These standards require pipeline companies to immediately implement mitigation measures to protect against cyberattacks, to develop a cybersecurity contingency and recovery plan and to conduct a cybersecurity architecture design review. The authors outline specific implications on pipeline companies and share insight on the future of pipeline cybersecurity.