[TheRecord] TSA to issue new cyber regulations for rail, aviation sectors

The Transportation Safety Administration will issue cybersecurity regulations later this year for “higher-risk’’ railroad and rail transit systems and the aviation sector, Homeland Security Secretary Alejandro Mayorkas announced on Wednesday.

The forthcoming rules from the Homeland Security Department component mark the Biden administration’s latest steps to boost the cyber defenses of critical infrastructure operators against hacks after the high-profile ransomware attack on the Colonial Pipeline. 

TSA issued two security directives to secure pipelines against breaches following the incident, which sparked temporary fuel shortages along the eastern seaboard. President Joe Biden also signed a far-reaching executive order designed to improve federal cybersecurity and congressional lawmakers are pushing new incident reporting legislation.

“Reducing cybersecurity risk is in every organization’s self-interest, especially considering the indiscriminate nature of ransomware,” DHS Secretary Alejandro Mayorkas said during a virtual appearance at the Billington CyberSecurity Summit. Reuters first reported the new regulations.

The directive will require railroad operators and rail transit companies to “identify a cybersecurity point person” charged with reporting incidents to the Cybersecurity and Infrastructure Security Agency. Entities will also have to create “contingency and recovery plans” in the event of cyberattacks.

For “lower-risk surface entities” TSA will “issue separate guidance that encourages, rather than requires, these entities to take the same measures,” according to Mayorkas.

In terms of the aviation sector, TSA will mandate “critical U.S. airport operators, passenger aircraft operators, and all cargo aircraft operators” to designate a cybersecurity coordinator and report cyber incidents to CISA,” he said, adding the aviation regulations would come out around the time DHS wraps a surface transportation cybersecurity sprint it launched last month.

TSA will expand the pool of covered entities “gradually” and “consider additional measures over time,” the DHS chief said.

The post TSA to issue new cyber regulations for rail, aviation sectors appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] The VC View: Enabling Business via IT Security

All posts, Security Week

The opportunity for the security industry is to build a remote-ready security program that is equally secure for remote and in-office workers read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] [Whitepaper] Automate Your Security with Cynet to Protect from Ransomware

All posts, HackerNews

It seems like every new day brings with it a new ransomware news item – new attacks, methods, horror stories, and data being leaked. Ransomware attacks are on the rise, and they’ve become a major issue for organizations across industries. A recent report estimated that by 2031, ransomware attacks would cost the world over $260 […]

Read More

[ThreatPost] 5 Tips to Prevent and Mitigate Ransomware Attacks

All posts, ThreatPost

Ransomware attacks are increasing in frequency, and the repercussions are growing more severe than ever. Here are 5 ways to prevent your company from becoming the next headline. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.