Best Practices: How to Prepare for Your TSA Security Directive

On October 27th, 2022, pipeline owners and operators in scope of the latest security directive have 90 days to develop and submit a Cybersecurity Implementation Plan for view and approval--or be subject to hefty fines.

Click here for an overview of the Best Practices: How to Prepare for Your TSA Security Directive.

We have put together a checklist to help you begin planning and development to meet the deadline. We recommend that pipeline security and compliance teams leverage this checklist as a starting point and walk backward to assess the gap between the information you currently have available and the expected deliverables from TSA.

Need help? Contact us [LINK] today and let us help you prepare.

1. Review: Firewall Auditing, Documentation, Architecture:
   1. i) Import your firewall configuration into a network modeling solution (NP-View).
   2. ii) Review the network topology diagram, label critical assets, and document network zones.
   3. iii) Review and document communication paths to/from critical cyber assets.

1. Review: TSA’s Network Segmentation Requirements / Network Interdependencies to Meet TSA Directives:
   1. i) Document network zone communications through path analysis.
   2. ii) Label communication paths based on risk criticality (e.g., interactive remote access).
   3. iii) Export topology diagram and communication path table to show compliance with TSA's network segmentation requirements.

1. How to Self-Audit Firewalls to Meet TSA Directives:
   1. i) Review risk assessment reports to identify overly permissive rules, unused objects, and misconfigurations using a firewall modeling solution (NP-View).
   2. ii) Verify network zone communications through path analysis.
   3. iii) Export and document audit reports.

1. Keep Good Documentation of Firewall Rules for TSA Compliance
   1. i) Adopt an independent firewall rule review process.
   2. ii) Define a standard rule documentation format.
   3. iii) Verify rule documentation at least quarterly.

1. Automating/Updating Network Diagrams for TSA Compliance
   1. i) Deploy a network modeling platform that connects to the firewall configuration backup system.
   2. ii) Define the scope of topology views based on sites and criticalities.
   3. iii) Configure notifications to be alerted of network diagram changes automatically.

The fastest and most comprehensive way to produce accurate network diagrams and comprehensive firewall rulesets and filtering policies under such a tight deadline is to use network modeling technology. Network modeling – or dynamic network representation – means proactively understanding which assets can connect to which services by building a model of the network using the configurations of OT firewall and router devices. It provides accurate, instant visibility of the network architecture and enables risk assessment without having to deploy any sensor or agent in the environment.

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.  Our platform takes essential auditing technology and makes it continuous for proactive OT network security that builds cyber resiliency. NP-View creates intuitive topological maps that serve as a GPS for both technical and non-technical users, providing a unified ruleset review and insight into how to ensure network security.

Preparing for a TSA audit is simple with NP-View.

NP-View runs on-premise as a lightweight desktop application designed to save up to 80% of the time required to audit complex firewalls. This time saving has helped customers go from audits taking 3-4 weeks to 3-4 hours.

Contact us to learn more and strengthen your TSA Cybersecurity Implementation Plan.

+1 (872) 245-4100 | info@network-perception.com