The Colonial Pipeline made cybersecurity headlines in May when a data breach caused management to halt operations for the first time in its 57-year-history. Just how did hackers make their way into the system? Through a single compromised password, reports Bloomberg.
In the immediate aftermath of that breach, which resulted in the Colonial Pipeline Co. paying the hackers $4.4 million in ransom money, the Transportation Security Administration (TSA) issued a security directive for companies in the pipeline sector. Months later, after more time to digest what went wrong with the Colonial Pipeline and the threat of additional cybersecurity issues continually looming, TSA recently released a follow-up security directive.
In today’s post, we’ll review some of the new measures installed by TSA. We’ll highlight how EnSight+ can help companies that handle sensitive data to improve business intelligence, compliance, and cybersecurity.
While TSA has worked with pipeline owners, operators, and partners “across the federal government to enhance the physical security preparedness of U.S. hazardous liquid and natural gas pipeline systems” since 2001. TSA’s May directive made things clear that more stringent standards were needed.
TSA announced it would now require pipeline owners and operators to report any real or perceived cybersecurity incidents. Also, to designate a “Cybersecurity Coordinator” who must be available at all times. The agency also asked pipeline owners and operators to self-assess any vulnerabilities and present proposed solutions within 30 days.
The most recent directive took it a step further, requiring pipeline owners and operators to “implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review.”
On the same day, TSA released the follow-up directive, the Cybersecurity and Infrastructure Security Agency (CISA) also announced an alert detailing an investigation that found 23 gas pipeline operators were targeted by a spear-phishing and intrusion campaign between December 2011 and 2013—of which 13 companies were found to be compromised.
Hackers are constantly developing new methods for accessing company data, so it’s imperative for every utility to ensure a sharp focus on cybersecurity. At EnSight+, it’s one of our top priorities. This is evident in the preventive measures we’ve put in place as part of our continuous development. We stay abreast of new and existing cybersecurity threats to constantly evaluate our solution for potential weaknesses.
We secure oil and gas utilities’ networks with full SAML 2.0 integration to support single sign-on from the server or client-side. EnSight+ can also deploy two-factor authentication for any remote log-in. If a password is ever lost or stolen, hackers remain locked out.
Our accessibility restrictions allow leadership to define custom permissions based on employee type, title, or level. Give certain employees access to the data you want them to have. while preventing unauthorized access. For example, admins can choose to block specific IP addresses, limiting access to the system.
Not sure where to start? Our data security team can identify weaknesses within your network. Delivering regular threat assessments on what could be coming down the pike. EnSight+ also provides extensive training. Including teaching your employees how to track and report on cybersecurity threats in accordance with TSA regulations.
To learn more about how we keep oil and gas utilities’ data safer and more secure, book a demo today.
All monitored by you, in real time. Are you ready to take control?