The Transportation Security Administration (TSA) has announced a second security directive, requiring pipeline owners to implement new safeguards against ransomware attacks. Which will be the most critical to implement in the given 90-day timeline?

Architecture Strategy

Specific ransomware mitigation measures17%

Developing/implementing cybersecurity contingency and recovery plans63%

Conducting a cybersecurity architecture design review19%

Other (please share below)

248 PARTICIPANTS

3k views1 Upvote1 Comment

Sort by:

Community Manager in Software4 years ago

You can find more information on the new TSA Security Directives here: https://www.dhs.gov/news/2021/07/20/dhs-announces-new-cybersecurity-requirements-critical-pipeline-owners-and-operators

Content you might like

Do you have controls in place to protect your virtual machines from hyperjacking attacks, in which bad actors target the hypervisor with malicious code?

Yes29%

We’re currently implementing these controls53%

We’re currently exploring solutions10%

No7%

Other (please specify)

View Results

As enterprise AI adoption accelerates, how is your organization adapting its governance and risk oversight to keep pace?

Established AI governance framework with defined policies and oversight37%

Currently developing governance models and risk controls63%

Relying on existing security/compliance frameworks (no AI-specific policy)27%

No formal AI governance approach in place4%

View Results

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?

Certificates of Insurance (COI): Collecting from Suppliers for Risk Mitigation • Does your company collect COIs annually from your suppliers? • What criteria do you use to determine from which suppliers to collect COIs annually? Are there industry benchmarks for this?

Procurement of bitcoin in ransomware situation. What are folks doing to prepare for the need of a large purchase of bitcoin in the need to pay ransomware. Yes ideally we would take the "we'll never pay approach" however, I think it's important to be realistic and in certain circumstances you may need to cross that line.
Are you tied into a retainer of some sort with an exchange or Bitcoin holding firm?

The Transportation Security Administration (TSA) has announced a second security directive, requiring pipeline owners to implement new safeguards against ransomware attacks. Which will be the most critical to implement in the given 90-day timeline?

Sort by:

Content you might like

Do you have controls in place to protect your virtual machines from hyperjacking attacks, in which bad actors target the hypervisor with malicious code?

As enterprise AI adoption accelerates, how is your organization adapting its governance and risk oversight to keep pace?

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?

Certificates of Insurance (COI): Collecting from Suppliers for Risk Mitigation • Does your company collect COIs annually from your suppliers? • What criteria do you use to determine from which suppliers to collect COIs annually? Are there industry benchmarks for this?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

IT and Infosec Collaboration on Vulnerability Patching

Hybrid Infrastructure

Generative AI for Supply Chain: Usage, Expectations & Roadblocks

Managing Burnout During a Supply Chain Crisis

Take Your Insights On-the-Go