TSA seeks to bolster its understanding of pipeline and rail cyber risk management through notice of rulemaking

An advance notice of proposed rulemaking from the Transportation Security Administration aims to formalize and build on cybersecurity requirements for the pipeline and rail sectors that were implemented through emergency directives, and includes a series of questions intended to deepen its understanding of industry risk management practices.

The TSA ANPRM was published today in the Federal Register, opening a 45-day public comment period.

“TSA has said publicly that the previously issued security directives were designed to address short-term and...