The U.S. pipeline infrastructure is critical to the functioning of the Nation’s economy. Composed of more than 2.7 million miles of pipeline, this vast network is responsible for transporting natural gas, liquid fuels, and other commodities for use in homes and businesses such as airports, power plants, farms, and refineries.
Over the years, pipeline owners and operators in the United States have become increasingly dependent on automation to drive their operations. While automation provides efficiency and reliability of services, it also creates new sources of risk for the safety and integrity of pipelines as systems are operated remotely through connected devices.
In October 2018, the U.S. Department of Homeland Security (DHS) created the Pipeline Cybersecurity Initiative—a collaborative, coordinated effort between CISA, the Transportation Security Administration (TSA), and other federal and private sector partners to enhance cybersecurity for the Nation’s pipelines.
Through the Pipeline Cybersecurity Initiative, CISA and its partners are working to develop a better understanding of cybersecurity risk across the pipeline infrastructure. By identifying vulnerabilities within the information technology (IT) and operational technology (OT) systems, this initiative is helping pipeline owners and operators harden their cybersecurity posture. Three primary functions of the Pipeline Cybersecurity Initiative include:
- Assessing the cybersecurity posture and preparedness of pipeline companies to identify significant vulnerabilities that increase the risk to key systems and reliable operations;
- Analyzing findings of pipeline cybersecurity risks to enhance risk mitigation strategies and develop informational tools that pipeline owners and operators can use to mitigate risks; and
- Engaging with interagency and industry partners and stakeholders to coordinate planning and operational activities by sharing information and leveraging expertise.
Assessing: To build a better understanding of the pipeline OT and IT cybersecurity environment, CISA and TSA are conducting voluntary, non-regulatory cyber assessments for pipeline owners and operators. These in-depth reviews provide CISA technical experts an opportunity to review network architecture design, system configuration and logs, and network traffic and provide recommendations on how owners and operators can improve their cybersecurity. To date, CISA and TSA have offered up to ten assessments each year for pipeline owners and operators. In 2021, CISA will increase this number to 52 assessments, thanks to the resources and partnership that TSA has brought to the assessment program.
Analyzing: CISA draws on the outputs of assessments to drive analysis that informs a broader picture of risk to critical infrastructure across the Nation. CISA reviews findings to determine vulnerability trends across the pipeline industry and potential cross-sector impacts resulting from those trends and share recommendations for mitigating the issues. Additionally, through the National Risk Management Center (NRMC), CISA partners with the National Laboratories to use innovative models and tools, OT network analysis, and simulations to better understand how cyber events affect individual pipeline systems and cause downstream, cascading impacts on dependent stakeholders across sectors—such as the energy and the transportation systems sectors.
Engaging: CISA is engaging with pipeline stakeholders across sectors and from all levels of government, academia, and the private-sector to ensure that its activities are informed not only through internal analysis and priority setting, but also through stakeholders’ self-identified needs. By working closely with its partners, CISA leverages their expertise to develop specific actions that companies can choose to undertake to mitigate the most significant cybersecurity threats. As a result, CISA, in partnership with TSA, has published a Pipeline Cyber Risk Mitigation Infographic to outline activities that improve the cybersecurity of pipeline IT and OT systems and mitigate exposure to some common risks.
Protecting the Nation’s pipeline ecosystem depends on a unified effort. CISA will continue to work with federal and private sector partners to address risk across pipeline sectors; building and strengthening relationships to prepare for, respond to, and mitigate against cybersecurity threats to our Nation’s pipelines.
To learn more about the Pipeline Cybersecurity Initiative and to view more resources, visit www.cisa.gov/pipeline-cybersecurity-initiative.