What TSA's New Cybersecurity Standards Mean For Pipelines

By Shardul Desai and Marissa Serafino (August 17, 2021, 5:46 PM EDT) -- The Transportation Security Administration on July 20 reversed two decades of pipeline cybersecurity policies.[1]

Having previously advocated for voluntary pipeline cybersecurity standards, the TSA quickly issued mandatory cybersecurity rules on owners and operators of pipelines, hereinafter, pipeline companies, in response to the Colonial Pipeline ransomware attack.[2]

The July 20 security directive was deemed sensitive and was shielded from public disclosure.

What is publicly known is that the directive requires pipeline companies to immediately implement mitigation measures to protect against cyberattacks, to develop a cybersecurity contingency and recovery plan, and to conduct a cybersecurity architecture design review. These new mandatory cybersecurity rules...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.

  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!


Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!