
TSA Security Directive Pipeline-2021-02C

On July 21, 2022, the US Transportation Security Administration (TSA) revised and reissued its security directive for owners and operators of liquefied natural gas facilities and natural gas and oil pipelines.

Revisions to the reissued cybersecurity guidance for pipeline owners and operators are summarized by TSA below:

The reissued security directive takes an innovative, performance-based approach to enhancing security, allowing industry to leverage new technologies and be more adaptive to changing environments. The security directive requires that TSA-specified owners and operators of pipeline and liquefied natural gas facilities take action to prevent disruption and degradation to their infrastructure to achieve the following security outcomes:

  1. Develop network segmentation policies and controls to ensure that the Operational Technology system can continue to safely operate in the event that an Information Technology system has been compromised and vice versa;

  2. Create access control measures to secure and prevent unauthorized access to critical cyber systems;

  3. Build continuous monitoring and detection policies and procedures to detect cybersecurity threats and correct anomalies that affect critical cyber system operations; and

  4. Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers and firmware on critical cyber systems in a timely manner using a risk-based methodology.

The core elements of Security Directive Pipeline-2021-02C are:

  • Cybersecurity Implementation Plan

    • Critical Systems Identification

    • Network Segmentation

    • Access Control

    • Continuous Monitoring and Detection

    • Patch Management

  • Cybersecurity Incident Response Plan

  • Cybersecurity Assessment Plan

SentryWire is a Network Security Monitoring (NSM) appliance that installs easily, provides immediate visibility into your network and directly supports the guidance outlined in Security Directive Pipeline-2021-02C with:

  1. Full packet capture for a historical look back at what happened and complete reconstruction of malicious activity with traceability to:

    1. Cybersecurity Incident Response Plan

    2. Cybersecurity Assessment Plan

  2. Policies to define critical assets and services, providing traceability and visibility for:

    1. Critical Systems Identification

  3. An extensible logging engine that generates a record for every packet that SentryWire captures to provide:

    1. Continuous Monitoring and Detection

  4. A fast and flexible Intrusion Detection System (IDS) that uses an industry-standard alert format with IOC, behavioral and anomaly detection, and that links directly to the packets that triggered an alert, for easy forensic reconstruction of events with contextual logs for:

    1. Continuous Monitoring and Detection