TSA issues security rules for rail operators
Lindsey O’Donnell-Welch reports:
New cybersecurity requirements from the Transportation Security Administration (TSA) give freight railroads, passenger rail and rail transit operators a 24-hour deadline for reporting security incidents.
Starting on Dec. 31, “high-risk” operators and owners across the rail sector must take a number of steps to bolster the cybersecurity of their systems. They must designate a cybersecurity coordinator, implement security incident response plans with the intent of reducing the risk of operational disruption, complete a vulnerability assessment to identify potential security holes in their systems and report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours.
Read more at Decipher.