Critical Infrastructure Policy: Information Sharing and Disclosure Requirements After the Colonial Pipeline Attack [May 24, 2021] [open pdf - 566KB]
From the Document: "The ransomware [hyperlink] attack against the Colonial Pipeline Company spurred panic buying and fuel shortages along the Eastern Seaboard. Although the attack [hyperlink] did not target pipeline control systems, it forced the temporary suspension of fuel shipments via a major pipeline network, according to a company statement [hyperlink]. The Biden Administration announced Executive Order (E.O.) 14028 (the EO), 'Improving the Nation's Cybersecurity' [hyperlink] on May 12, 2021, framing it as a response to the pipeline incident and other recent cyberattacks. While the EO creates requirements that apply to federal agencies and government contractors, the Administration hopes that these actions will have a secondary effect [hyperlink] of improving cybersecurity among critical infrastructure companies."
CRS Insight, IN11683
Congressional Research Service: https://crsreports.congress.gov/