Petroleum group sees problems with use of CISA performance goals in TSA proposed cyber rule

The American Petroleum Institute is concerned with the inclusion of CISA’s cross-sector cyber performance goals in the Transportation Security Agency’s proposed rule to establish cyber regulations for the oil and natural gas sector, arguing that the goals could cause issues for energy sector operators.

“While API appreciates TSA’s efforts to align with the National Institute of Standards and Technology’s Cyber Security Framework, some of the specificity in the CPGs may not be fully appropriate in the natural gas and oil...