View Rule

View EO 12866 Meetings Printer-Friendly Version     Download RIN Data in XML
DHS/TSA RIN: 1652-AA74 Publication ID: Fall 2023 
Title: Enhancing Surface Cyber Risk Management 
Abstract:

On July 28, 2021, the President issued the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems.  In response to the ongoing threat to pipeline systems, TSA used its authority under 49 U.S.C. 114 to issue emergency security directives to owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions.  TSA also issued security directives in the freight, passenger, and transit-rail sectors under the same statutory authority.  TSA is committed to enhancing and sustaining industry’s resilience to cybersecurity attacks.  TSA intends to issue a rulemaking that will permanently codify critical cybersecurity requirements for pipeline and rail modes.  Through this rulemaking, TSA will also address certain requirements in the Implementing Recommendations of the 9/11 Commission Act of 2007 related to information and operational technology systems. TSA is committed to enhancing and sustaining cybersecurity for all modes of transportation and intends to issue a rulemaking that may codify these and other requirements following an opportunity for notice and comment.  In addition to holding numerous technical roundtables with the industry regarding cybersecurity requirements, TSA also solicited public input in the development of this rulemaking through publication of an advance notice of proposed rulemaking in November 2022.

 
Agency: Department of Homeland Security(DHS)  Priority: Other Significant 
RIN Status: Previously published in the Unified Agenda Agenda Stage of Rulemaking: Proposed Rule Stage 
Major: No  Unfunded Mandates: No 
CFR Citation: 49 CFR 1520    49 CFR 1570    49 CFR 1580    49 CFR 1582    49 CFR 1584   
Legal Authority: 49 U.S.C. 114    Pub. L. 110-53, secs. 1405, 1512 and 1531   
Legal Deadline:  None

Statement of Need:

This rulemaking is necessary to address the ongoing cybersecurity threat to U.S. transportation modes with potential impacts on national security, including economic security.

Anticipated Costs and Benefits:

TSA is in the process of determining the costs and benefits of this rulemaking.
Timetable:
Action Date FR Cite
ANPRM  11/30/2022  87 FR 73527   
ANPRM Comment Period End  01/17/2023 
ANPRM Comment Period Extended  12/23/2022  87 FR 78911   
ANPRM Comment Period Extended End  02/01/2023 
NPRM  11/00/2023 
Regulatory Flexibility Analysis Required: Undetermined  Government Levels Affected: Undetermined 
Federalism: No 
Included in the Regulatory Plan: Yes 
RIN Information URL: https://www.regulations.gov   Public Comment URL: https://www.regulations.gov  
RIN Data Printed in the FR: No 
Related RINs: Related to 1652-AA56 
Agency Contact:
Victor Parker
Branch Manager, Policy Development Branch, Surface Division
Department of Homeland Security
Transportation Security Administration
Policy, Plans and Engagement, 6595 Springfield Center Drive,
Springfield, VA 20598-6028
Phone:571 227-3664
Email: victor.parker@tsa.dhs.gov

James Ruger
Chief Economist, Economic Analysis Branch-Coordination & Analysis Division
Department of Homeland Security
Transportation Security Administration
Policy, Plans, and Engagement, 6595 Springfield Center Drive,
Springfield, VA 20598-6028
Phone:571 227-5519
Email: james.ruger@tsa.dhs.gov

David Kasminoff
Senior Counsel, Regulations and Security Standards
Department of Homeland Security
Transportation Security Administration
Chief Counsel's Office, 6595 Springfield Center Drive,
Springfield, VA 20598-6002
Phone:571 227-3583
Email: david.kasminoff@tsa.dhs.gov