The Transportation Security Administration (TSA) recently introduced two new security directives to strengthen cybersecurity to address ongoing threats to surface transportation systems and their infrastructure.
The directives, released alongside additional guidance for operators, are part of a strategy to increase the cybersecurity of the nation's critical infrastructure, including high-risk freight railroads, passenger trains and rail transit, a TSA press release said.
“These new cybersecurity requirements and recommendations will help keep the traveling public safe and protect our critical infrastructure from evolving threats,” Secretary of Homeland Security Alejandro N. Mayorkas said in the release. “DHS will continue working with our partners across every level of government and in the private sector to increase the resilience of our critical infrastructure nationwide.”
The directives require owners and operators to designate a cybersecurity coordinator; report cybersecurity incidents within 24 hours; develop and implement a cybersecurity incident response plan and complete a cybersecurity vulnerability assessment, the release said. Guidance is also being released by TSA recommending that low-risk surface transportation owners and operators adhere to the same guidelines.
The TSA gathered input from stakeholders and federal partners, the release said. This included the Cybersecurity and Infrastructure Security Agency, which provides expert guidance on cybersecurity threats to the transportation network and how to defend properly against attacks.
The TSA provides a ‘Surface Transportation Cybersecurity Toolkit’ on its website. It is a collection of documents for cyber risk management information surface transportation operators with less than 1,000 employees. Materials come from the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity, Stop.Think.Connect and the U.S. Computer Emergency Readiness Team, according to the toolkit webpage.
“Cybersecurity threats are real, and they can have real consequences for an organization’s operations and profitability,” TSA said. “Exercising cybersecurity best practices help protect from potential damaging cyber-attacks.”
