Companies have been reporting incidents since day one of the agency's May 28 security directive aimed at critical pipelines, Pekoske told CNN in an interview. Reporting of cybersecurity incidents has ramped up since the directive, according to Pekoske, who said the reports will help TSA understand the risks facing the industry. Prior to the directive, reporting was voluntary. The directive includes a requirement for around 100 critical pipeline companies to report cybersecurity incidents to the Department of Homeland Security's cybersecurity agency within 12 hours, a DHS official previously said. The agency, Pekoske told CNN, is reviewing longer-term cybersecurity efforts, but no decisions have been made yet.

Source: CNN July 28, 2021 02:15 UTC