The 2.5 million miles of pipelines interspersed across the United States are a key component of the Nation’s economy. This vast network is responsible for transporting oil, natural gas, and other commodities essential to the American way of life. Accordingly, identifying and mitigating risks to this vast physical network and the cybersecurity infrastructure that supports it is a matter of critical importance.
The Pipeline Cybersecurity Initiative leverages both the Sector Specific Agency expertise of the Transportation Security Administration (TSA) and CISA’s technical cybersecurity capabilities in order to identify and mitigate vulnerabilities to the pipeline ecosystem. This initiative enables pipeline owners and operators to identify and mitigate potential vulnerabilities through the use of three different voluntary assessments. These assessments—ranging from single and multi-day inspections executed by TSA pipeline inspectors to self-assessments conducted by industry partners—will provide invaluable information on pipeline assets. This data will be used to further enhance long-term pipeline cybersecurity risk analysis, planning, and coordination efforts between the public and private sectors. In addition to supporting these assessments, CISA is establishing internal risk analysis teams that will be able to assist industry partners’ efforts to combat threats to pipeline cybersecurity by providing the risk analysis that is critical to risk planning and risk mitigation efforts. Through these efforts, CISA is working to better partner with federal and industry partners in order to defend the Nation’s pipelines from emerging cybersecurity threats.