This rule emphasizes performance-based standards aligned with the National Institute of Standards and Technology (NIST) cybersecurity framework and follows standards from the Cybersecurity and Infrastructure Security Agency (CISA). It builds on cybersecurity measures that TSA has enforced through Security Directives since 2021.
A notable part of the rule requires transportation operators to implement a comprehensive cyber risk management (CRM) program, which includes annual enterprise-wide cybersecurity evaluations and detailed strategies for incident response and recovery. Operators are expected to monitor systems, maintain backups, and adopt robust protocols like patch management and network segmentation to reduce vulnerabilities. Furthermore, TSA proposes requiring annual assessments and audits of these cybersecurity plans to ensure effectiveness, with an independent evaluation process to avoid potential conflicts of interest.
In a statement, TSA Administrator David Pekoske highlighted the collaboration between TSA and industry stakeholders to boost cybersecurity resilience, inviting public and industry feedback on the proposed regulations. Stakeholders have until February 5, 2025, to submit feedback on potential impacts, including economic and operational effects.
The proposed rule would also require TSA-approved cybersecurity assessment plans (CAP), which would mandate yearly assessments and audits. It further proposes mandatory security threat assessments for cybersecurity coordinators and executives involved in managing these CRM programs.
As cyber threats evolve, TSA’s initiative represents a significant push to secure the nation’s surface transportation systems, reflecting a commitment to building a stronger cybersecurity framework to protect critical infrastructure.
Source: Industrial Cyber
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities.