Cybersecurity Advice for Programmatic Guidance — Responding to the Latest Security Directive for Pipeline Operators

By Brad Bowers, Senior Manager of Security Services
9/20/2021

In recent months, the Department of Homeland Security (DHS) issued new security requirements for critical pipeline owners and operators.

The Secretary of Homeland Security has stated that “the lives and livelihoods of the American people depend on our collective ability to protect our Nation’s critical infrastructure from evolving threats.” [1]

Owners and operators of pipelines that the Transportation Security Administration (TSA) has designated as critical are now required to implement specific risk mitigation measures, have a contingency and recovery plan in place, and conduct a review of their existing cybersecurity architecture.

The directive is a clear response to mounting security threats. Ransomware, malware, phishing attacks, and other cybercriminal activity have increased exponentially since early 2020, when many workforces went remote.

Ransomware attacks were up by 150% in 2020 over the previous year, [2] while the amount paid by victims of these attacks increased by more than 300%. [3]

When cyberattacks are successful, organizations often suffer massive consequences — but so do their customers, partners, and many, many others who feel the impacts of a business shutdown when operations must cease in order to remediate.

Consider the potential impacts across industries:

  • Critical infrastructure — Pipeline operators, airlines, energy companies, government agencies, etc.
    • Impacts to supply chain
    • Increased spoilage
    • Service outages
    • Lack of access to critical resources
    • Heightened risk of terrorism
  • Healthcare — Hospital systems, clinics, medical research, federal medical units, etc.
    • Inability to access patient records
    • Patient care impacts
    • Staffing and logistical impacts
    • Medical supply chain interruptions
  • Financial — Banks, mortgage brokers and lenders, stock markets, federal agencies, etc.
    • Freezing of assets
    • Economic impacts
    • Breaches and exposure of sensitive data
    • Data manipulation

And, of course, the list could go on and on.

This simply illustrates that while oil and gas pipeline companies are directly impacted by this recent DHS mandate, all businesses need to be thinking about how to secure infrastructure.

As outlined in the “5 Attributes of a Modern Security Program” ebook, here are guiding principles organizations can follow to improve their security posture.

  1. Ensure complete visibility into the IT environment. Being able to see vulnerabilities, activities, and users/user groups on the network is the first step in shoring up systems and securing data against bad actors.
  2. Adopt a governance framework. It’s imperative that responsibilities are outlined, roles are assigned, and security decisions are aligned with overall business strategies, requirements, and objectives.
  3. Modernize identity and access management. Migrate to a Zero Trust strategy for identity that leverages cloud-based Single Sign-On (SSO) and Multi-Factor Authentication (MFA). This will help ensure the right users are able to access the data they need to be effective — and bad actors are less likely to find a way in.
  4. Automate and streamline. There’s simply too much threat activity to manage using manual methods. Automating helps reduce noise and alert fatigue, as well as refocus resources on hunting and investigating the most dangerous threats.
  5. Lean on proven tools and outside help. Businesses may consider consolidating tool sets and adopting multiplatform security tools that provide better visibility, automation, and Artificial Intelligence (AI)- and machine learning-powered capabilities.

You can also download this critical infrastructure security checklist to help your organization evaluate your current security posture and take a proactive approach to protection and compliance.

Groups like Insight Cloud + Data Center Transformation (CDCT) regularly help businesses transform the security operations center, modernize processes and tool sets, manage security needs on a 24/7 basis, strengthen data protection infrastructure, and mitigate and respond to threats like ransomware.

It’s important to remember — you’re not alone. Whether you need to conform to the latest security directives as a pipeline operator or are looking to bolster your security profile in light of today’s threatscape, our experts are here for you.


[1] Department of Homeland Security. (2021, July 20). DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators.

[2] Muncaster, P. (2021, Mar. 4). Ransomware Attacks Soared 150% in 2020. InfosecurityMagazine.com.

[3] Institute for Security and Technology. (2021). Combating Ransomware: A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force.