The Transportation Security Administration (TSA) has issued a new, emergency directive to the cybersecurity programs of certain TSA-regulated airport and aircraft operators to better protect U.S. transportation systems from adversary cyberattacks.
TSA-regulated entities will be required to develop and put in place an approved plan that details measures they are taking to improve their cybersecurity resilience and prevent disruption and degradation to their infrastructure.
TSA's Action Items
TSA directed that aircraft and airport operators must regularly assess the effectiveness of these new measures, which include the following actions:
- Develop network segmentation policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised, and vice versa.
- Create access control measures to secure and prevent unauthorized access to critical cyber systems.
- Implement continuous monitoring and detection policies and procedures to defend against, detect, and respond to cybersecurity threats and anomalies that affect critical cyber system operations.
- Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers and firmware on critical cyber systems in a timely manner using a risk-based methodology.
TSA Targets Railroad Cybersecurity
The move follows similar measures the TSA imposed on passenger and freight railroad carriers in October 2022. The agency said it is taking the emergency measure owing to persistent threats against U.S. infrastructure, including the aviation sector. Aviation partners participated in the process, TSA said.
Commenting on the agency's cybersecurity measures, TSA Administrator David Pekoske, said:
"Protecting our nation's transportation system is our highest priority and TSA will continue to work closely with industry stakeholders across all transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure and efficient travel. This amendment to the aviation security programs extends similar performance-based requirements that currently apply to other transportation system critical infrastructure."
TSA’s directive follows on the heels of President Biden’s National Cybersecurity Strategy that sketches a blueprint for how the federal government plans to deal with the immense volume of cyber threats hitting targets in the public and private sectors and critical infrastructure facilities.