United States of America: TSA announces second Security Directive with cybersecurity measures for critical pipeline operators

On 20 July 2021, the US Department of Homeland Security's Transport Security Administration (TSA) announced a second Security Directive with cybersecurity requirements for critical pipeline operators, following the one published on 27 May 2021. Although the directive is not publically available, according to the official press release, it requires the operators to mitigate cybersecurity risks such as ransomware attacks. Pipeline operators are held to establish a cybersecurity contingency and recovery plan and to implement cybersecurity architecture design reviews.