US Issues Cybersecurity Directive for Airlines and Railroads
The US has issued a new Transportation Security Administration mandate requiring all railroads and airlines to report cybersecurity breaches to the federal government. Cyber intrusions must be reported to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours of detection, according to the mandate. The mandate covers rail operators, airline operators, and airport operators. All three types of operators must also designate a cybersecurity coordinator under the mandate. In addition, railroad operators must conduct a vulnerability review to assess how exposed they are to cyberattacks.
All of the organizations will be required to create and implement a cybersecurity incident response plan. The regulations were announced last Thursday and will come into effect on the last day of December. Several cyberattacks targeting the rail sector have been reported this year, according to officials, including a ransomware strike on Toronto’s transit agency and a breach of New York’s Metropolitan Transportation Authority. The new rules bear similarities to mandates directed at improving the security of America’s pipelines, which were ordered in the wake of the cyberattack on Colonial Pipeline.