Alejandro Mayorkas

TSA to issue cybersecurity requirements for US rail, aviation…

New rules include reporting incidents to CISA and naming cybersecurity leads, but experts and industry representatives cite lack of input.

After issuing cybersecurity requirements for pipeline companies via two directives earlier this year, the Transportation Safety Administration (TSA) will now also issue cybersecurity requirements for rail systems and airport operators. The two pipeline directives followed a high-profile ransomware attack on Colonial Pipeline that shut off oil flow to the East Coast in May, sparking gas shortages and panic buying.

“TSA’s broad responsibilities cover security at our airports, highways, and traffic management systems, pipelines, mass transit terminals and hubs, and subways and metros that carry billions of passengers every year,” Department of Homeland Security (DHS) Secretary Alejandro Mayorkas said in announcing the new regulations yesterday. “Whether by air, land, or sea, our transportation systems are of utmost strategic importance to our national and economic security.”

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Iwan Shimko on Unsplash

Articles

TSA issues second cybersecurity directive for pipeline companies

Experts applaud the agency’s new, detailed security requirements for US pipeline operators but question how they will be enforced or monitored.

The Department of Homeland Security’s (DHS) Transportation Safety Administration (TSA) yesterday announced a second security directive that requires owners and operators of TSA-designated critical pipelines to implement cybersecurity measures that help protect against malicious digital incidents. This directive is a more expansive follow-up to an initial pipeline security directive issued on May 27, roughly two weeks after the highly disruptive ransomware attack against Colonial Pipeline.

The initial directive required pipeline companies to report cybersecurity incidents to DHS’s Cybersecurity and Infrastructure Security Agency (CISA). It also required pipeline owners and operators to designate a cybersecurity coordinator available around the clock to coordinate cybersecurity practices and any cybersecurity incidents with TSA and CISA. Finally, that directive required companies to examine their cybersecurity practices and assess risks, identify gaps, develop remediation measures, and report the results to TSA and CISA.

This article appeared in CSO Online. To read the rest of the article please visit here.

Photo by Mike Benna on Unsplash

Articles

TSA’s pipeline cybersecurity directive is just a first step…

The new, hastily announced security directive requires US pipeline companies to appoint a cybersecurity coordinator and report possible breaches within 12 hours.

The Transportation Safety Administration (TSA), an arm of the US Department of Homeland Security (DHS), released a Security Directive on Enhancing Pipeline Cybersecurity. TSA released the document two days after the Biden administration leaked the details of the regulations and less than a month after the ransomware attack on Colonial Pipeline created a significant gas shortage in the Southeast US.

As a result of post-9/11 government maneuvering, the TSA gained statutory authority to secure surface transportation and ensure pipeline safety. The directive follows largely ineffective, voluntary pipeline security guidelines established by the TSA in 2010 and updated in 2018.

This new regulation requires that designated pipeline security companies report cybersecurity incidents to the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) no later than 12 hours after a cybersecurity incident is identified. The TSA estimates that about 100 companies in the US would fall under the directive’s mandates.

This article appeared in CSO Online. To read the rest of the article please visit here.