LegisTrack
Back to all bills
HR 5062119th CongressIntroduced

Pipeline Security Act

Introduced: Aug 29, 2025
Sponsor: Rep. Johnson, Julie [D-TX-32] (D-Texas)
Infrastructure
View on Congress.gov
Standard Summary
Comprehensive overview in 1-2 paragraphs

The Pipeline Security Act would codify and broaden the Transportation Security Administration’s (TSA) responsibility for securing pipeline transportation and pipeline facilities against cyber threats, acts of terrorism, and other security risks. Working with the Cybersecurity and Infrastructure Security Agency (CISA) as appropriate, TSA would develop and enforce guidelines, directives, and regulations grounded in the NIST Cybersecurity Framework, share threat information with relevant stakeholders, and assess and inspect how pipeline owners/operators implement security measures. The bill also requires industry engagement, a workforce strategy, biennial congressional reporting, and a GAO review to evaluate implementation. In short, it creates a formal, ongoing federal role for TSA (with DHS cyber coordination) to oversee and strengthen pipeline security across cyber and physical dimensions.

Key Points

  • 1Establishes TSA as the lead federal agency responsible for securing pipeline transportation and facilities against cybersecurity threats, terrorism, and other security threats, with consultation from CISA as appropriate.
  • 2Requires TSA to develop and update security guidelines aligned with the NIST Framework for Improving Critical Infrastructure Cybersecurity, issue additional directives/regulations as needed, and share guidance and threat information with applicable federal, state, local, tribal, territorial, and private sector partners.
  • 3Mandates assessment, inspection, and risk ranking of pipeline security practices and facilities, and empowers TSA to inspect facilities designated as critical by owners/operators under the new guidelines and regulations.
  • 4Requires TSA to convene at least one industry day within one year to engage stakeholders on pipeline security and to provide biennial oversight reports to relevant congressional committees.
  • 5Creates a personnel strategy within 180 days to outline necessary cybersecurity expertise, plans to grow that expertise within TSA, and resource needs; requires submission of the strategy to Congress.
  • 6Adds a GAO review to evaluate the law’s implementation within two years of enactment.

Impact Areas

Primary group/area affected: Pipeline owners and operators (infrastructure security, cybersecurity posture, and compliance with TSA-driven guidelines and directives).Secondary group/area affected: Federal agencies (TSA and CISA coordination), state/local/tribal/territorial authorities, and private sector stakeholders involved in pipeline transportation and facilities.Additional impacts: Potential changes in regulatory burden and compliance costs for pipeline operators; enhanced information sharing about cybersecurity threats; strengthened federal oversight and accountability through periodic Congressional reporting and a follow-up GAO review.
Generated by gpt-5-nano on Oct 8, 2025