TSA Announces Proposed Rule That Would Require The Establishment Of Pipeline And Railroad Cyber Risk Management Programs

(MENAFN- PR Newswire)

WASHINGTON, Nov. 6, 2024 /PRNewswire/ -- The transportation Security Administration (TSA) published a Notice of Proposed Rulemaking
that proposes to mandate cyber risk management and reporting requirements for certain surface transportation owners and operators.

"TSA has collaborated closely with its industry partners to increase the cybersecurity resilience of the nation's critical transportation infrastructure," said TSA Administrator David Pekoske. "The requirements in the proposed rule seek to build on this collaborative effort and further strengthen the cybersecurity posture of surface transportation stakeholders. We look forward to industry and public input on this proposed regulation."

This rule
proposes to continue TSA's commitment to performance-based requirements. Building on the performance-based cybersecurity
requirements
TSA previously issued via annual Security Directives since 2021, the proposed rule leverages the cybersecurity framework developed by the National Institute of Standards and Technology and the cross-sector cybersecurity performance goals developed by the Cybersecurity and Infrastructure Security Agency (CISA).

Consistent with these requirements and standards, this rule proposes:

To require that certain pipeline, freight railroad, passenger railroad and rail transit owner/operators with higher cybersecurity risk profiles establish and maintain a comprehensive cyber risk management program;
To require these owner/operators, and higher-risk bus-only public transportation and over-the-road bus owner/operators, currently required to report significant physical security concerns to TSA to report cybersecurity incidents to CISA; and
To extend to higher-risk pipeline owner/operators TSA's current requirements for rail and higher-risk bus operations to designate a physical security coordinator and report significant physical security concerns to TSA.

TSA asserts that maintaining an effective cybersecurity posture is critically important to ensuring that the surface transportation sector is prepared for, and able to manage, cyber risks. The requirements contained in this
proposed rule would
strengthen cybersecurity resilience across the surface transportation systems sector.

SOURCE Transportation Security Administration

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE? 440k+
Newsrooms &
Influencers 9k+
Digital Media
Outlets 270k+
Journalists
Opted In GET STARTED

MENAFN06112024003732001241ID1108857638

Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.