US lawmakers mull pipeline security agency
The heads of US congressional committees on energy said November 30 a new entity should be created to address the reliability of the nation’s pipelines.
A subcommittee of the House Energy and Commerce Committee scheduled a hearing for December 7 to consider legislation that would enhance pipeline reliability.
A ransomware attack in May shut down the Colonial fuels pipeline, which meets about half of the demand for refined products on the eastern US seaboard. A February winter storm that brought freezing temperatures to Texas, meanwhile, idled large parts of the regional energy sector, from well heads to wind turbines.
House committee chairman Frank Pallone, Jr, a Democrat representing New Jersey, and subcommittee chairman Bobby Rush, a Democrat serving constituents in Illinois, said in a joint statement that ensuring pipeline security and reliability is “both necessary and urgent.”
“It’s time we face this challenge head-on and consider legislation to create a new entity charged with developing enforceable pipeline reliability standards, including cybersecurity, just as we have long had for the electric sector,” they said.
The US Department of Homeland Security issued mandates in July for pipeline owners and operators on cybersecurity. Through a new directive, they were called on to take specific mitigation measures against cybersecurity threats, develop recovery plans and perform regular cybersecurity reviews.
The operating company behind the Colonial pipeline brought the network back on line after paying a hefty ransom. A Russian-language group dubbed DarkSide took credit for the ransomware attack, prompting the federal government to form an emergency inter-agency task force to examine the issue
Meanwhile, three measures, HR 3119, 2931, and 2928, already passed through the House of Representatives. Broadly speaking, the measures would give the Department of Energy (DoE) more tools to address energy emergencies and cybersecurity threats.
From the private sector, cybersecurity company Dragos in September teamed with the Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC) “to strengthen security and community-wide visibility for industrial cybersecurity.”