One year in, TSA’s cybersecurity directive lays groundwork for railroad sector amid rising digital threats
October 23, 2024 – Published on Industrial Cyber
A year after the U.S. Transportation Security Administration (TSA) renewed cybersecurity requirements for passenger and freight railroad carriers, the focus remains on building cyber-resilient systems, proactive security tools, and rail-specific cybersecurity strategies. Increased digitalization and interconnectedness expose rail transportation to diverse cyber threats, including unauthorized access, data breaches, and potential disruptions to critical infrastructure.
While there is still more to accomplish, the advancements over the last year indicate that the directive has established a foundation for a more surface transportation sector.
Some of the key cybersecurity measures for railroad carriers include network segmentation to prevent the spread of cyber threats; access control to secure critical cyber systems; continuous monitoring to detect and respond to cyber threats; and reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers and firmware on critical cyber systems promptly using a risk-based methodology.
The TSA directive aimed at strengthening the cybersecurity of surface transportation systems has undoubtedly caught the attention of organizations across the sector, Christopher Warner, senior security consultant for OT Security – GRC at GuidePoint Security, wrote in an emailed statement. “However, the path to compliance hasn’t been smooth. While the urgency of improving cybersecurity is evident, many organizations have faced a daunting set of regulatory hurdles and human and financial resource constraints that slow down their efforts.”
“For many transportation operators, complying with the directive has been a significant resource drain,” according to Warner.
Read More HERE.