TSA announces 30-day extension for information collection for surface transportation cybersecurity


The U.S. Department of Homeland Security’s Transportation Security Administration (TSA) has announced a 30-day extension of the agency’s information collection activity under the Office of Management and Budget (OMB) review of cybersecurity measures for surface modes.

The notice in the Federal Register, published on Thursday, announces that the TSA has forwarded the Information Collection Request (ICR) to the OMB for an extension of the currently approved collection under the Paperwork Reduction Act (PRA). 

“The ICR describes the nature of the information collection and its expected burden,” according to the notice. “Specifically, the collection involves the submission of data concerning the designation of a Cybersecurity Coordinator; the reporting of cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA); the development of a cybersecurity contingency/recovery plan to address cybersecurity gaps; and the completion of a cybersecurity assessment,” it added.

Comments and recommendations for the proposed information collection should be sent to the agency within 30 days of publication of the notice. The last date for receiving comments is May 9, 2022.

Following its December 2021 directives, the TSA is soliciting comments to evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility. It also seeks to evaluate the accuracy of the agency’s estimate of the burden, enhance the quality, utility, and clarity of the information to be collected, and minimize the burden of the collection of information on those who are to respond, including using appropriately automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

“On Nov. 30, 2021, the OMB approved TSA’s request for emergency approval of the collections of information within Security Directive (SD) 1580-21-01, SD 1582-21-02, and an ‘information circular’ (IC), issued on Dec. 2, 2021,” the notice said. The OMB approval allowed for the institution of mandatory reporting requirements under the SDs and the collection of information voluntarily submitted under the IC. As OMB emergency approval is only valid for six months, TSA is now seeking renewal of this information collection for the maximum three-year approval period, it added.

The security directives require, and the IC recommends, that surface transportation owners and operators designate a cybersecurity coordinator and an alternate cybersecurity coordinator and provide contact information to TSA. These individuals are to be available to TSA 24/7 to coordinate cybersecurity practices, address any incidents that arise, and serve as a principal point of contact with TSA and CISA for cybersecurity-related matters.

In addition, the security directives call upon owners and operators to report cybersecurity incidents to CISA; develop a cybersecurity incident response plan to reduce the risk of operational disruption should an owner/operator’s information and/or operational technology (OT) systems be affected by a cybersecurity incident; and complete a cybersecurity vulnerability assessment to address cybersecurity gaps using the form provided by TSA and submit the form to TSA.

In the wake of the Colonial Pipeline ransomware attack that hit in May last year, the TSA issued two security directives in May and July, designed to strengthen the security of the country’s pipelines. 
