"This Security Directive requires three critical actions. First, it requires TSA-specified
Owner/Operators to report cybersecurity incidents to the Department of Homeland Security's
Cybersecurity and Infrastructure Security Agency (CISA). Second, it requires Owner/Operators
to designate a Cybersecurity Coordinator who is required to be available to TSA and CISA 24/7
to coordinate cybersecurity practices and address any incidents that arise. Third, it requires
Owner/Operators to review their current activities against TSA's recommendations for pipeline
cybersecurity to assess cyber risks, identify any gaps, develop remediation measures, and report
the results to TSA and CISA."
Security Directive Pipeline-2021-01