April 25, 2024
Daily News
Rail groups urge cautious approach to regulation in TSA process, cite existing cyber risk management efforts
Railroad groups want the Transportation Security Administration to switch tracks in a cybersecurity regulatory proceeding and defer to the industry’s ongoing cyber risk management programs, while also scrapping plans for a TSA incident reporting requirement as CISA develops a notification rule.
“In general, TSA has not identified a need for regulation of CRM, nor has it articulated any specific problem faced by the railroad industry, aside from general statements that rail may be vulnerable to cyber-attacks,” the Association of American...