TSA makes changes to new cyber requirements after industry feedback

The Transportation Security Administration is softening the deadlines on new cybersecurity requirements for major passenger and freight rail operators, as the agency’s leader said it learned from efforts earlier this year to begin regulating the cybersecurity of the pipeline sector.

TSA is expected to issue the new security directives for major railroad and rail transit entities in the coming weeks. The requirements include the designation of a cybersecurity coordinator, the reporting of cyber incidents to the Cybersecurity and Infrastructure Security Agency, conducting a cyber vulnerability assessment and the development of an incident response plan, according to TSA Administrator David Pekoske

“We’re looking at the entities that transport the largest number of passengers and the largest volume of cargo through the nation’s most populated metropolitan areas,” Pekoske said during a Nov. 18 meeting of the Surface Transportation Security Advisory Committee.

Read more…
Source: Federal News Network