Cybersecurity, Privacy, & AI

Trending Now
5 Structural Barriers Breaking Your Cybersecurity Compliance Framework • Everyone’s Building AI Agents. Almost Nobody’s Ready for What They Do to Identity. • GAO Identifies Shortfalls in DCSA Industrial Data Security Oversight • Disclosed Government AI Use Increased by 70% in 2025, per OMB • Congress Tries Again on National Preemptive Data Privacy Law
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on December 6, 2021 • Cyber

DHS Adds Cybersecurity Guidelines for Rail Industry, Adjusts Pipeline Rules to Align

DHS Adds Cybersecurity Guidelines for Rail Industry, Adjusts Pipeline Rules to Align

BrandonKleinPhoto | Shutterstock

As promised by Secretary of Homeland Security Alejandro Mayorkas in October, TSA has issued new cybersecurity rules for the freight and passenger rail industries. Covered entities must designate a cybersecurity coordinator by December 31, complete a vulnerability assessment by March 31, and create an incident response plan by June 29. They also will need to report incidents to CISA within 24 hours.

TSA has also changed the criteria for pipeline operators to use in reporting cybersecurity incidents to CISA, in part responding to pushback from industry and Republican legislators against a May security directive. The changes generally align with the new standards for the rail industry. The agency also recently issued similar new rules for the aviation industry, including rules requiring a cybersecurity coordinator and setting a 24-hour deadline for incident reports.

Source:

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.

© PubKGroup 2024