The Transportation Security Administration (TSA) has issued new mandates requiring certain TSA-regulated airport and aircraft operators to put in place measures that will strengthen their cyber defenses as cyberattacks continue to rise and target critical sectors.
The agency said the order is part of the Department of Homeland Security’s efforts to enhance the cybersecurity resilience of U.S. critical sectors.
“Protecting our nation’s transportation system is our highest priority and TSA will continue to work closely with industry stakeholders across all transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure and efficient travel,” said TSA Administrator David Pekoske in a statement.
“This amendment to the aviation security programs extends similar performance-based requirements that currently apply to other transportation system critical infrastructure,” he added.
The new regulations would require the aviation sector to “develop an approved implementation plan that describes measures they are taking to improve their cybersecurity resilience.”
Last week, the Environmental Protection Agency (EPA) introduced a similar mandate for the water sector.
The order requires states to assess cybersecurity as part of their audits on public drinking systems.
“Cyber-attacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable,” EPA Assistant Administrator Radhika Fox said in a statement. “EPA is taking action to protect our public water systems by issuing this memorandum requiring states to audit the cybersecurity practices of local water systems.”
