In the wake of the May 2021 ransomware attack on a major US oil pipeline, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has released a security directive1 (the “TSA Directive”) to better “identify, protect against, and respond to threats to critical companies in the pipeline sector.” The TSA Directive was released on May 27, 2021, and effective the next day.