Blogs

After weekly meetings with APGA members and other pipeline operators in April and May, the Transportation Security Administration (TSA) published a new version of its Pipeline Security Directive (SD-02C). APGA and several other trade associations responded with comments on June 24. Operators were grateful that Administrator Pekoske and his team proposed an outcome-based program, which can be effective across the broad range of pipeline systems and adaptable to evolving threats. However, the trade associations felt it was important to comment on several of the broader, process-oriented issues SD-02C still presents, including the following:

• The time period to submit a Cybersecurity Implementation Plan (CIP) for TSA approval is insufficient.
• Industry has concerns about TSA’s ability to review and approve a large number of CIPs in a timely manner.
• TSA does not seem to appreciate the incredibly massive volume of data and materials requested to establish compliance with SD-02C.
• The compliance requirements to obtain approval from TSA not only to change its CIP, but also policies, procedures, or measures related to the CIP is burdensome and may impede operators’ desires to make updates or improvements.

TSA has engaged stakeholders effectively in the development of SD-02C, so hopefully, they will accommodate these few suggestions. This new version is expected to be finalized in late July. APGA staff will continue to inform the Security Task Group on the progress of this work. To see the comments, click here.

For questions on this article, please contact Stuart Saulters of APGA staff by phone at 202-544-1334 or by email at ssaulters@apga.org.