The Transportation Security Administration (TSA) has new cybersecurity requirements for airport and aircraft operators.
“Protecting our nation’s transportation system is our highest priority, and TSA will continue to work closely with industry stakeholders across all transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure, and efficient travel,” TSA Administrator David Pekoske said. “This amendment to the aviation security programs extends similar performance-based requirements that currently apply to other transportation system critical infrastructure.”
The emergency action stems from persistent cybersecurity threats against domestic critical infrastructure, which includes the aviation sector, in accordance with the Department of Homeland Security’s efforts to increase cybersecurity resilience of domestic critical infrastructure and follow collaboration with aviation partners.
The guidance requires developing network segmentation policies and controls ensuring operational technology systems can continue to safely operate in the event an information technology system has been compromised, and vice versa; establishing access control measures to secure and prevent unauthorized access to critical cyber systems; implementing continuous monitoring and detection policies and procedures to defend against, detect and respond to cybersecurity threats and; and reducing the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers and firmware on critical cyber systems in a timely manner utilizing a risk-based methodology.
According to the TSA, previous requirements for agency-regulated airport and aircraft operators included reporting significant cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA); establishing a cybersecurity point of contact; and developing and adopting a cybersecurity incident response plan.