Branch Manager, Policy Development Branch, Surface Division

1652-AA74 202310 The Regulatory Plan and the Unified Agenda of Federal Regulatory and Deregulatory Actions 1652 Transportation Security Administration TSA 1600 Department of Homeland Security DHS Enhancing Surface Cyber Risk Management

On July 28, 2021, the President issued the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. In response to the ongoing threat to pipeline systems, TSA used its authority under 49 U.S.C. 114 to issue emergency security directives to owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions. TSA also issued security directives in the freight, passenger, and transit-rail sectors under the same statutory authority. TSA is committed to enhancing and sustaining industry’s resilience to cybersecurity attacks. TSA intends to issue a rulemaking that will permanently codify critical cybersecurity requirements for pipeline and rail modes. Through this rulemaking, TSA will also address certain requirements in the Implementing Recommendations of the 9/11 Commission Act of 2007 related to information and operational technology systems. TSA is committed to enhancing and sustaining cybersecurity for all modes of transportation and intends to issue a rulemaking that may codify these and other requirements following an opportunity for notice and comment. In addition to holding numerous technical roundtables with the industry regarding cybersecurity requirements, TSA also solicited public input in the development of this rulemaking through publication of an advance notice of proposed rulemaking in November 2022.

]]> Other Significant Previously Published in The Unified Agenda Proposed Rule Stage No No 49 CFR 1520 49 CFR 1570 49 CFR 1580 49 CFR 1582 49 CFR 1584 49 U.S.C. 114 Pub. L. 110-53, secs. 1405, 1512 and 1531 Yes

This rulemaking is necessary to address the ongoing cybersecurity threat to U.S. transportation modes with potential impacts on national security, including economic security.

]]>

TSA is in the process of determining the costs and benefits of this rulemaking.

]]> ANPRM 11/30/2022 87 FR 73527 ANPRM Comment Period End 01/17/2023 ANPRM Comment Period Extended 12/23/2022 87 FR 78911 ANPRM Comment Period Extended End 02/01/2023 NPRM 11/00/2023 Undetermined Undetermined No https://www.regulations.gov https://www.regulations.gov No No 1652-AA56 Related to Victor Parker Branch Manager, Policy Development Branch, Surface Division 1652 Transportation Security Administration TSA 571 227-3664 victor.parker@tsa.dhs.gov Policy, Plans and Engagement, 6595 Springfield Center Drive, Springfield VA 20598-6028 James Ruger Chief Economist, Economic Analysis Branch-Coordination & Analysis Division 1652 Transportation Security Administration TSA 571 227-5519 james.ruger@tsa.dhs.gov Policy, Plans, and Engagement, 6595 Springfield Center Drive, Springfield VA 20598-6028 David Kasminoff Senior Counsel, Regulations and Security Standards 1652 Transportation Security Administration TSA 571 227-3583 david.kasminoff@tsa.dhs.gov Chief Counsel's Office, 6595 Springfield Center Drive, Springfield VA 20598-6002