View Rule
View EO 12866 Meetings | Printer-Friendly Version Download RIN Data in XML |
DHS/TSA | RIN: 1652-AA74 | Publication ID: Fall 2021 |
Title: ●Surface Transportation Cybersecurity Measures | |
Abstract:
On July 28, 2021, the President issued the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. Consistent with this priority of the Administration and in response to the ongoing cybersecurity threat to pipeline systems, TSA used its authority under 49 U.S.C. 114 to issue security directives to owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions. The first directive, issued in May 2021, requires critical owner/operators to (1) Report confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Agency (CISA); (2) designate a Cybersecurity Coordinator to be available 24 hours a day, seven days a week; (3) review current cybersecurity practices; and (4) identify any gaps and related remediation measures to address cyber-related risks and report the results to TSA and CISA within 30 days of issuance of the SD. A second security directive issued in July requires these owners and operators to (1) Implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems; (2) develop and implement a cybersecurity contingency and recovery plan; and (3) conduct a cybersecurity architecture design review. TSA is committed to enhancing and sustaining cybersecurity and intends to issue a rulemaking that will codify certain requirements with respect to pipeline and certain other surface modes. |
|
Agency: Department of Homeland Security(DHS) | Priority: Other Significant |
RIN Status: First time published in the Unified Agenda | Agenda Stage of Rulemaking: Long-Term Actions |
Major: Undetermined | Unfunded Mandates: Undetermined |
CFR Citation: 49 CFR 1570 | |
Legal Authority: 49 U.S.C. 114 |
Legal Deadline:
None |
||||||
Statement of Need: This rulemaking is necessary to address the ongoing cybersecurity threat to U.S. transportation modes. |
||||||
Anticipated Costs and Benefits: TSA is in the process of determining the costs and benefits of this rulemaking. |
||||||
Timetable:
|
Regulatory Flexibility Analysis Required: Undetermined | Government Levels Affected: Undetermined |
Federalism: Undetermined | |
Included in the Regulatory Plan: Yes | |
RIN Data Printed in the FR: No | |
Agency Contact: Scott Gorton Executive Director, Surface Policy Division Department of Homeland Security Transportation Security Administration Policy, Plans, and Engagement, 6595 Springfield Center Drive, Springfield, VA 20598-6002 Phone:571 227-1251 Email: tsa-surface@tsa.dhs.gov |