TSA renews cybersecurity requirements for passenger and freight railroad carriers
WASHINGTON, Oct. 23, 2023 /PRNewswire/ -- The Transportation Security Administration (TSA) announced updates to three security directives (SD) regulating passenger and freight railroad carriers in the continued effort to enhance the cybersecurity of surface transportation systems and associated infrastructure. These revised directives, which were set to expire on Oct. 24, have been renewed for one year, and include updates that seek to strengthen the industry's defenses against cyberattacks.
- WASHINGTON, Oct. 23, 2023 /PRNewswire/ -- The Transportation Security Administration (TSA) announced updates to three security directives (SD) regulating passenger and freight railroad carriers in the continued effort to enhance the cybersecurity of surface transportation systems and associated infrastructure.
- It requires TSA-specified passenger and freight railroad carriers to take action to prevent disruption and degradation to their infrastructure with a flexible, performance-based approach, consistent with TSA's requirements for pipeline operators.
- The revised security directives, Enhancing Rail Cybersecurity, and the revised SD series, Enhancing Public Transportation and Passenger Railroad Cybersecurity, include a requirement for covered owners and operators to test a minimum of two objectives in their Cybersecurity Incident Response Plan every year.
- To view TSA's security directives and guidance documents, please visit: TSA Cybersecurity Toolkit or https://www.tsa.gov/sd-and-ea .