The US Transportation Security Administration (TSA) has announced new cybersecurity requirements for airport and aircraft operators, which prioritises the development of network segmentation policies and controls.
These segmentation policies are aimed at enabling operational technology systems to safely run in case of a breach of an information technology system and vice versa.
TSA unveiled the amendment on an emergency basis as part of the Department of Homeland Security’s efforts to enhance cybersecurity resilience of the country’s vital infrastructure.
Under the new amendment, TSA-regulated entities will be required to develop an approved implementation plan, outlining the actions taken to boost their cybersecurity resilience and avoid infrastructure disruption.
Besides, the entities are required to evaluate the effectiveness of the actions and establish access control measures to prevent unlawful access to crucial cyber systems.
See Also:
They must also implement continuous monitoring and detection policies and lower exploitation risk of unpatched systems via application of security patches and updates for operating systems.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThe move is part of TSA’s efforts, which requires critical transportation sector operators to combat cybersecurity risks.
It comes in the wake of continuous cybersecurity threats hitting the country’s critical infrastructure, including the aviation industry.
TSA administrator David Pekoske said: “Protecting our nation’s transportation system is our highest priority and TSA will continue to work closely with industry stakeholders across all transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure and efficient travel.
“This amendment to the aviation security programmes extends similar performance-based requirements that currently apply to other transportation system critical infrastructure.”