The U.S. Department of Homeland Security (DHS) on Thursday issued cybersecurity requirements for natural gas and oil pipeline owners and operators in response to the ransomware attack on Colonial Pipeline Co. earlier this month.

The directive requires critical pipeline owners and operators to report confirmed and potential cybersecurity incidents to the DHS Cybersecurity and Infrastructure Security Agency (CISA). It also requires a cybersecurity coordinator be designated and available 24 hours a day, seven days a week.

“The cybersecurity landscape is constantly evolving and we must adapt to address new and emerging threats,” said DHS Secretary Alejandro Mayorkas.

The attack on Colonial, the country’s largest refined products pipeline, “demonstrates that the...