The Transportation Security Administration issued long-awaited directives Tuesday designed to enhance the cyber resilience of the nation’s freight and passenger rail systems. The measures are part of a wider effort by the Biden administration to protect critical infrastructure against malicious hacks.
Passenger and freight rail operators will be required to develop a TSA-approved Cybersecurity Implementation Plan, which describes specific measures the company is taking.
Companies will also need to establish a Cybersecurity Assessment Program, which will be used to conduct proactive testing and regular audits of cybersecurity upgrades and check for vulnerabilities in various systems, devices and networks.
“The nation’s railroads have a long track record of forward looking efforts to secure their network against cyberthreats and have worked hard over the past year to build additional resilience,” TSA Administrator David Pekoske said in the announcement Tuesday. “This directive, which is based on performance-based measures, will further these efforts to protect critical transportation infrastructure from attack.”
The Biden…
