PIPELINE SECURITY An Overview of TSA Programs

Similar documents
The Office of Infrastructure Protection

Cybersecurity Overview

American Association of Port Authorities. Navigating the Cyber Domain. Homeland Security UNCLASSIFIED

NW NATURAL CYBER SECURITY 2016.JUNE.16

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Department of Homeland Security Updates

National Policy and Guiding Principles

DHS Cybersecurity: Services for State and Local Officials. February 2017

TSA/FTA Security and Emergency Management Action Items for Transit Agencies

DHS Supply Chain Activity: Cross-Sector Supply Chain Working Group and Strategy on Global Supply Chain Security

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

STRATEGIC PLAN VERSION 1.0 JANUARY 31, 2015

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

Statement for the Record

National Preparedness System (NPS) Kathleen Fox, Acting Assistant Administrator National Preparedness Directorate, FEMA April 27, 2015

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Energy Assurance State Examples and Regional Markets Jeffrey R. Pillon, Director of Energy Assurance National Association of State Energy Officials

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Emergency Support Function #12 Energy Annex. ESF Coordinator: Support Agencies:

Control Systems Cyber Security Awareness

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

Critical Infrastructure Sectors and DHS ICS CERT Overview

Mitigation Framework Leadership Group (MitFLG) Charter DRAFT

The Office of Infrastructure Protection

PREPARED STATEMENT OF ERNEST R. FRAZIER, SR., ESQ. AMTRAK, CHIEF OF POLICE AND SECURITY DEPARTMENT

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

Grid Security & NERC

The Office of Infrastructure Protection

Quadrennial Homeland Security Review (QHSR) Ensuring Resilience to Disasters

EXECUTIVE ORDER Chemical Facility Safety and Security: Providing ProtecFon Reduces Risk

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

CALIFORNIA CYBERSECURITY TASK FORCE

The Office of Infrastructure Protection

STRATEGY ATIONAL. National Strategy. for Critical Infrastructure. Government

U.S. Department of Homeland Security Office of Cybersecurity & Communications

STRATEGIC PLAN. USF Emergency Management

Updates to the NIST Cybersecurity Framework

The Office of Infrastructure Protection

Good morning, Chairman Harman, Ranking Member Reichert, and Members of

The Office of Infrastructure Protection

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

South Dakota Utah Wyoming Needs and Challenges Funding assistance Training Federal program enhancements Exercises

Information Collection Request: The Department of Homeland. Security, Stakeholder Engagement and Cyber Infrastructure

Region Snapshot Regions I and II

Energy Assurance Plans

Actions to Improve Chemical Facility Safety and Security A Shared Commitment Report of the Federal Working Group on Executive Order 13650

COUNTERING IMPROVISED EXPLOSIVE DEVICES

Alternative Fuel Vehicles in State Energy Assurance Planning

Awareness as a Cyber Security Vulnerability. Jack Whitsitt Team Lead, Cyber Security Awareness and Outreach TSA Office of Information Technology

Standards. Howard Gugel, Director of Standards Board of Trustees Meeting February 11, 2016

Executive Order on Coordinating National Resilience to Electromagnetic Pulses

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team

Global Resilience Federation Trust. Collaboration. Community. Cindy Donaldson President, Global Resilience Federation October 2017

Member of the County or municipal emergency management organization

S&T Stakeholders Conference

Water Information Sharing and Analysis Center

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Critical Infrastructure Protection and Suspicious Activity Reporting. Texas Department of Public Safety Intelligence & Counterterrorism Division

Critical Infrastructure Partnership

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

National Preparedness System. Update for EMForum June 11, 2014

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Cyber Security & Homeland Security:

79th OREGON LEGISLATIVE ASSEMBLY Regular Session. Senate Bill 90

Cyber Security Summit 2014 USCENTCOM Cybersecurity Cooperation

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

NGA Governor s Energy Advisors Energy Policy Institute Resiliency Panel

Cybersecurity and Data Protection Developments

Physical Security Reliability Standard Implementation

The Australian Government s Approach to Critical Infrastructure Resilience

Overview of the Federal Interagency Operational Plans

Emergency Management Response and Recovery. Mark Merritt, President September 2011

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

FEMA Update. Tim Greten Technological Hazards Division Deputy Director. NREP April 2017

Critical Infrastructure Mission Implementation by State, Local, Tribal, and Territorial Agencies and Public-Private Partnerships.

The Office of Infrastructure Protection

Panel 1 National CSIRT Experience

POSITION DESCRIPTION

Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management

AAPA Smart Ports. Cyber Management for Ports Panel. Small Port Cyber Security Workshops. March 6, 2018

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security

Hazard Management Cayman Islands

HPH SCC CYBERSECURITY WORKING GROUP

COMMISSION RECOMMENDATION. of on Coordinated Response to Large Scale Cybersecurity Incidents and Crises

Transit Safety and Security. Lynn Spencer Director, Office of System Safety Office of Transit Safety and Oversight May 16, 2016

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

Earthquake Preparedness

Department of Homeland Security Science and Technology Directorate

Community-Based Water Resiliency

ASEAN COOPERATION ON DISASTER MANAGEMENT. Disaster Management & Humanitarian Assistance Division, ASEAN Secretariat

Response to Wood Buffalo Wildfire KPMG Report. Alberta Municipal Affairs

2017 SPRING INTERNSHIP PROGRAM OPPORTUNITY

California Cybersecurity Integration Center (Cal-CSIC)

DHS Election Task Force Updates. Geoff Hale, Elections Task Force

National Level Exercise 2018 After-Action Findings

Grid Security & NERC. Council of State Governments. Janet Sena, Senior Vice President, Policy and External Affairs September 22, 2016

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

Transcription:

PIPELINE SECURITY An Overview of TSA Programs Jack Fox Pipeline Industry Engagement Manager Surface Division Office of Security Policy & Industry Engagement May 5, 2014

TSA and Pipeline Security As the Co-Sector Specific Agency for the Transportation Sector, TSA s pipeline security responsibilities include: Natural gas and hazardous liquid transmission pipelines, Natural gas distribution pipelines, and Toxic inhalation hazard (TIH) pipelines. In addition to the pipeline itself, TSA s responsibilities include those facilities through which natural gas, hazardous liquids, and TIH materials move in transportation, such as compressor and pumping stations, metering and regulator stations, and breakout tanks.

Strategy for Pipeline Security Reduce the risk associated with the transportation of natural gas, hazardous liquids and TIH materials by pipeline Increase the security preparedness of the pipeline industry Objectives Enhance deterrence and mitigate vulnerabilities Enhance pipeline system resiliency Increase the level of domain awareness and info sharing

TSA s Risk Based Focus on Pipelines Objective: Ensure program funding and personnel resources are appropriately directed towards risk reduction activities on critical pipeline infrastructure Analysis conducted of hazardous liquid and natural gas transmission pipeline systems and natural gas distribution systems based on energy transported Results converted to common measure (therms) to allow comparison across pipeline systems Pipeline operators identify critical facilities based upon the criteria contained in the TSA Pipeline Security Guidelines

Pipeline Stakeholder Engagement Objective: Establish and maintain an effective network of pipeline industry and government partners, achieving productive communications and security information sharing

Pipeline Stakeholder Engagement Sector and Government Coordinating Councils Pipeline SCC provides a primary point of entry with industry representatives for addressing the entire range of pipeline security strategies, policies, activities, and issues. Pipeline GCC, the government counterpart for the SCC, coordinates pipeline security matters across governmental entities. To eliminate the need for multiple meetings with the same security partners, TSA worked closely with the Department of Energy to ensure the Pipeline SCC also functioned as the Pipeline Working Group within the Energy Sector.

Pipeline Stakeholder Engagement Pipeline Security Guidelines The Federal security framework for the pipeline industry is provided by the TSA Pipeline Security Guidelines. The current guidance was issued in December 2010 and updated in April 2011 to incorporate changes related to the implementation of the National Terrorism Advisory System. The Pipeline Security Guidelines were developed with the assistance of industry and government members of the Pipeline Sector and Government Coordinating Councils, industry association representatives, and other interested parties.

Pipeline Stakeholder Engagement Smart Practice Observations The Smart Practice document is a compilation of noteworthy practices that were observed by the Pipeline Branch during security reviews of pipeline companies. It is a tool available to companies looking for innovative pipeline security ideas in areas such as: Corporate security plans, Cyber security measures, Facility security measures, Personnel security, and Physical security and access controls

Pipeline Stakeholder Engagement Security Training Analysis of security review results indicated that some companies in the pipeline industry had inadequate security training for employees. As a result, Pipeline Branch developed: A security awareness training program highlighting the signs of terrorism and the employee s role in reporting suspicious activity An IED awareness video for pipeline employees An introduction to pipeline security training program for law enforcement officers

Pipeline Stakeholder Engagement Security Exercises Pipeline Branch has provided the Intermodal Security Training Exercise Program (I-STEP) to pipeline operators. I-STEP enhances the preparedness of our nation's pipeline systems through meaningful evaluations of prevention, preparedness, and ability to respond to security related incidents. An I-STEP exercise involving multiple pipeline system operators was conducted in 2013 to evaluate private sector and Federal agency response to a cyber incident. An annual goal of two pipeline security exercises has been established for this program.

Pipeline Stakeholder Engagement International Pipeline Security Forum Provides an opportunity for pipeline company, industry association, and government representatives to exchange security information and best practices Co-hosted by TSA and Natural Resources Canada Conducted annually, alternating between U.S. and Canadian locations The ninth Pipeline Security Forum was held in Ottawa, Ontario on October 30-31, 2013.

Pipeline Stakeholder Engagement Cybersecurity Cybersecurity Assessment and Risk Management Approach (CARMA) - Collaborated with key stakeholders to identify pipeline industry value chains, critical functions, and supporting cyber infrastructure Threat Information Sharing - Partnered with FBI and ICS-CERT to schedule and conduct classified nation-wide cyber threat briefings to cleared stakeholders National Security Agency Outreach Arranged a discussion between NSA analysts and pipeline operators, with the goal of assisting NSA with vulnerability analysis Harmonization of Federal Cybersecurity Efforts - Coordinated with DHS and DOE to harmonize existing cybersecurity risk management programs

Pipeline Stakeholder Engagement Federal Partners Coordination with the DHS National Protection and Programs Directorate Office of Infrastructure Protection Close collaboration with Sector Outreach and Programs Division Oil and Natural Gas Section Participation with Protective Security Coordination Division on Regional Risk Assessment Program activities relating to pipeline infrastructure Office of Cybersecurity and Communication Cybersecurity Assessment and Risk Management Approach program jointly initiated within the pipeline industry in May 2012 Coordination with the Industrial Control Systems Cyber Emergency Response Team to conduct threat briefings throughout the country for key pipeline industry personnel

Pipeline Stakeholder Engagement Canada Natural Resources Canada (NRCan) TSA, DHS IAIP, and DOE participated with NRCan in assessments of six cross-border pipeline systems. TSA and NRCan have co-sponsored the annual International Pipeline Security Forum since 2005. National Energy Board (NEB) TSA and NEB coordinate closely on pipeline security matters to include the exchange of information on assessment procedures, exercises, and security incidents. Canadian Standards Association TSA participated in the development of Canadian Standard Z246.1-09, Security management for petroleum and natural gas industry systems.

Pipeline Stakeholder Engagement Critical Energy Infrastructure Partnership Led by the Departments of State and Energy Work with foreign governments to assist with training and guidance on critical energy infrastructure issues TSA Pipeline has participated in the coordination and execution of the U.S. visits of foreign delegations from Qatar and Iraq, to include providing briefings on pipeline security efforts: Pipeline Branch has also assisted the State Department Energy Working Group with infrastructure security matters in Colombia

Pipeline Security Assessment Activities Objective: Identify shortfalls in pipeline security and develop programs and policies to upgrade industry security practices and secure high risk infrastructure

Pipeline Security Assessment Activities Corporate Security Reviews The CSR Program is an on-site security review with a pipeline company. Program goals include: Developing first hand knowledge of security planning and execution by critical pipeline operators Establishing and maintaining working relationships with key pipeline executives and security personnel Identifying and sharing smart practices observed throughout the industry

Pipeline Security Assessment Activities Critical Facility Security Reviews The Critical Facility Security Review program continues the on-site inspections of the physical security of critical pipeline facilities. In addition to the inspection of newly listed sites, TSA will revisit facilities to evaluate the implementation status of previous CFI security recommendations. Pipeline operators have updated their listings of critical facilities based on the revised criteria in the 2011 Pipeline Security Guidelines. Critical Facility Security Reviews were initiated in May 2012.

TSA Realignment Surface Division To develop risk-based transportation security policies and engages strategically with security partners in the development and implementation of the policies. Industry Engagement Branch Policy Analysis Branch Policy Execution Branch

Pipeline Strategy National Strategy Deterrence Detection Resilience

Contact Information Jack Fox Pipeline Industry Engagement Manager OSPIE Surface Division Transportation Security Administration Email: jack.fox1@dhs.gov Phone: (571) 227-1239

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback