CASE STUDY
ELECTRIC UTILITIES • EUROPE

Strengthening OT Cybersecurity for a European Electric Utility

How a major European electric distribution operator improved visibility, compliance, and operational resilience across 96,000 km of grid infrastructure.

8M+ Customers Served
63,000+ Substations
96,000 km Grid Infrastructure

The Decision

What changed in the July 2024 revision (SD-2021-02E)

TSA renewed and revised its pipeline cybersecurity directive in July 2024. The core requirements — Cybersecurity Implementation Plan, Incident Response Plan, and annual Cybersecurity Assessment Plan — remain in force. The 2024 revision adds several compliance-relevant clarifications pipeline operators should be aware of:

MSSP liability is now explicit. If you've delegated any security measures to a Managed Security Service Provider, you retain sole compliance responsibility. TSA will hold the owner/operator accountable regardless of who's doing the work.

Authorized Representatives carry joint liability. Contractors or agents acting on your behalf — coordinating or executing CIP requirements — are now formally defined, and both parties are liable for non-compliance.

Assessment cadence clarified. At least one-third of your TSA-approved CIP must be assessed each year, with 100% coverage over any rolling three-year period. Annual CAP submissions and reports are due no later than 12 months from TSA's approval of the previous CAP.

"Operational disruption" redefined. The directive now ties disruption to "business critical functions" — your own determination of the capacity and capabilities needed to meet operational and supply chain obligations. This gives operators more definitional control but also more documentation responsibility.

The directive is still performance-based — not prescriptive. TSA continues to inspect against your approved CIP, not a fixed checklist. That means the depth and accuracy of your asset inventory, change records, and traffic snapshots are the actual evidence base at inspection time.

What TSA inspectors can request — and how Industrial Defender delivers it

TSA may request to inspect or copy any of the following at any time. Industrial Defender surfaces each item directly on its intuitive platform.

OT asset inventory

Hardware and software inventory including SCADA systems, PLCs, RTUs, and HMIs — with firmware versions, OS, open ports, and PLC key switch positions captured actively, not inferred from network traffic.

Firewall rules

Complete firewall ruleset collection from OT network perimeters, including rule-by-rule visibility and change history to demonstrate ongoing configuration management.

Network architecture documentation

Network diagrams, switch and router configurations, architecture diagrams, publicly routable IP addresses, and VLAN documentation — maintained as a living record, not a one-time snapshot.

Policy and procedure evidence

Documentation supporting your Cybersecurity Implementation Plan, Incident Response Plan, and Assessment Program — with audit trail evidence of actual implementation, not just written policy.

Log files

Endpoint and OT system logs collected automatically and stored with historical context. No manual log collection required at inspection time.

On-demand traffic snapshots
Network traffic captures (PCAPs), up to 24 hours as directed by TSA
East-West traffic within OT environments — lateral movement between systems within your control network
North-South traffic between IT and OT systems, including perimeter boundary visibility

Why pipeline operators choose active OT collection over passive-only monitoring

Passive network traffic analysis tells you what's communicating. It cannot tell you:

What's installed
What's changed
Whether a PLC configuration matches its approved baseline

Industrial Defender actively communicates with your OT assets at the device level — the same way your engineering tools do — so you get the configuration data, firmware versions, firewall rules, and user accounts that passive-only tools miss entirely.

Industrial Defender has been actively collecting OT device data safely since 2006, across the largest critical infrastructure operators in the United States. Active collection is operationally safe — your pipeline does not need to go offline for ID to do its job.

INDUSTRIAL DEFENDER — ACTIVE + PASSIVE

Deep asset data from every device

Network visibility, not asset data

Software versions, firmware, open ports, user accounts, firewall rules, PLC key switch positions, and configuration baselines — collected via SSH, SNMP, agents, and passive NTA depending on what each device supports.

COMPLIANCE

Out of the Box Compliance Reporting

Industrial Defender includes pre-built, audit-ready report templates designed for TSA's pipeline Security Directive, as well as the other frameworks your OT security program operates under.

No custom report development required — reports are available on demand, on the same timeline TSA inspectors work on.

Compliance Frameworks
TSA Pipeline Security Directive
NERC CIP
ISA/IEC 62443
NIST CSF 2.0
Get Started

Built for pipeline and LNG environments

Industrial Defender supports the full range of OT assets common to midstream and downstream pipeline operations — including assets that are air-gapped, remote, or sensitive to network communication.

For environments where persistent agents aren't practical, ID Reach is a portable Windows executable that collects the same depth of data with no installed service and no footprint left behind.

Platform is deployed on-premises only. No data leaves your environment.
All collection, monitoring, and reporting runs within your infrastructure.

See your TSA compliance posture in 30 days