Pipeline operators — oil, gas, and water — control physical infrastructure through SCADA systems that, if compromised, can cause environmental damage, supply disruption, and public safety incidents, as the Colonial Pipeline ransomware attack demonstrated when it triggered the first-ever US emergency declaration for a cybersecurity event. TSA Pipeline Security Directives issued from 2021 onward mandate access-control measures, network segmentation, and incident response planning for critical pipeline operators, creating a regulatory forcing function for Zero Trust OT adoption in the energy sector.
Related: Zero Trust for OT · SCADA · NERC CIP · Energy · Utilities