The U.S. Department of Homeland Security’s Transportation Security Administration said Thursday it has issued cybersecurity directives targeting higher-risk freight railroads, passenger rail and rail transit that are intended to protect transportation security.
The TSA said it issued additional guidance for voluntary measures to strengthen cybersecurity across the transportation sector.
The directives require owners and operators to designate a cybersecurity coordinator; report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency within 24 hours; develop and implement a cybersecurity incident response plan to reduce the risk of an operational disruption; and complete a cybersecurity vulnerability assessment to identify potential gaps or vulnerabilities in their systems.
The TSA also issued guidance recommending that all other lower-risk surface transportation owners and operators voluntarily implement the same measures.
The TSA also said it expects to initiate a rule-making process for certain surface transportation entities to increase their cybersecurity resiliency.
The U.S. Government Accountability Office says federal cybersecurity actions are urgently needed to better protect the nation’s infrastructure.
(Reuters) — Fliers may have a tough time recovering damages for invasive screenings at U.S. airport security checkpoints, after a federal appeals court on Wednesday said screeners are immune from claims under a federal law governing assaults, false arrests and other abuses.