Sponsors (3)
The bill strengthens pipeline cybersecurity, coordination, and oversight to reduce the risk of attacks and supply disruptions, but does so at the cost of increased compliance expenses, potential consumer price impacts, and expanded federal authority that may strain state/local partners and operations.
Pipeline operators, utilities, and energy companies will receive NIST-aligned cybersecurity guidance plus improved federal threat-sharing coordination and TSA workforce development, strengthening defenses against cyber and terror attacks on pipeline infrastructure.
Commuters, businesses, and consumers will face a lower risk of fuel and commodity supply interruptions because improved pipeline security should reduce service disruptions.
State, local, and federal governments and Congress will gain greater transparency and oversight through required biennial TSA reports and a GAO review, improving accountability for pipeline security efforts.
Pipeline owners and operators will incur increased compliance costs from new inspections, directives, and required security measures, costs that are likely to be passed on to consumers as higher energy or transport prices.
State and local governments and partners may face expanded TSA regulatory and inspection authority, creating concerns about federal overreach and additional administrative burdens on those jurisdictions.
Rapid rulemaking or security directives could limit stakeholder input and risk operational disruption for some pipeline operators, potentially causing service interruptions or logistical challenges during implementation.
Based on analysis of 2 sections of legislative text.
Makes TSA responsible for securing pipelines from cyber, terrorism, and other threats and requires NIST-aligned guidance, inspections, reporting, and a TSA personnel strategy.
Introduced August 29, 2025 by Julie Johnson · Last progress August 29, 2025
Assigns the Transportation Security Administration (TSA), with consultation from CISA as appropriate, responsibility for securing pipeline transportation and pipeline facilities against cybersecurity threats, terrorism, and other security risks. Requires TSA to produce NIST-aligned cybersecurity guidance, issue security directives or regulations, share threat information, inspect and assess pipeline owners’ and operators’ security programs, identify and rank risks, hold at least one industry day within a year, report biennially to Congress, develop a personnel strategy within 180 days, and submit to a GAO implementation review within two years.