The federal agency charged with protecting the nation’s pipelines hasn’t imposed any mandatory cybersecurity requirements since its creation in wake of the Sept. 11, 2001 terrorist attacks -- despite dire warnings from the intelligence community about vulnerability to hackers.
Instead, the U.S. Transportation Security Administration’s Pipeline Security Branch, which oversees nearly three million miles of pipelines, has relied on voluntary best practices and self-reporting by the industry to secure the operations. Those measures have alarmed pipeline safety advocates and been criticized as inadequate by government regulators and lawmakers.
“Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response ...