D.C. Metro system beefs up supply-chain cybersecurity provisions for new railcars
The Washington, D.C., area’s Metro system, in response to U.S. senators who raised security concerns about a new line of railcars, now says it will use the National Institute of Standards and Technology’s cybersecurity framework to vet software and hardware proposed for the project. Bidders on the railcar procurement, worth an estimated $1 billion and covering up to 800 railcars, also will have to show evidence that a third party tested their software or hardware, Washington Metropolitan Area Transit Authority CEO Paul J. Wiedefeld said Wednesday. The NIST framework — used widely throughout other industries and government agencies — is a key part of the updated request for proposal, Wiedefeld wrote in a letter to Democratic senators from Virginia and Maryland. “We are confident that these approaches will impose appropriate controls that limit any malicious actor’s ability to embed malware and for WMATA to monitor and enforce security requirements,” Wiedefeld wrote to […]
The post D.C. Metro system beefs up supply-chain cybersecurity provisions for new railcars appeared first on CyberScoop.
Continue reading D.C. Metro system beefs up supply-chain cybersecurity provisions for new railcars