U.S. rail companies must commit more attention and resources to cybersecurity under Transportation Security Administration directives announced Thursday by the Department of Homeland Security. The new requirements include that surface rail owner and operators designate a cybersecurity coordinator; report a cybersecurity incident to DHS’s cybersecurity agency within 24 hours; complete a vulnerability assessment; and create a plan to respond to cybersecurity incidents. The directives will cover approximately 80 percent of freight rail and 90 percent of passenger rail, according to a DHS official. DHS Secretary Alejandro Mayorkas announced that TSA would be rolling out directives for surface transportation in an October speech at the Billington cybersecurity summit. Early plans for the directives, which would have required companies to report incidents within 12 hours, received criticism from industry and Republicans. In October, Republicans led by Sen. Rob Portman of Ohio called for DHS’s OIG to investigate the directives, citing industry complaints that […]
The post Rail industry gets new cyber directives from TSA appeared first on CyberScoop.
Continue reading Rail industry gets new cyber directives from TSA→