TSA releases security directives for railroad operators in freight and passenger sectors

The Transportation Security Administration has issued two security directives targeted at high risk freight railroad entities and passenger rail transit operators, establishing requirements for each organization to designate a cybersecurity coordinator and report cybersecurity incidents within 24 hours.

The directives released today apply to the freight railroad carriers and passenger railroad carriers or rail transit systems. They are nearly identical but released separately to comply with TSA’s current statutory authorities.

The directives outline “four critical actions” operators must...