The announcement seeks to implement the Biden administration’s National Cybersecurity Strategy which calls for building a more resilient national critical infrastructure.
“Protecting our nation’s transportation system is our highest priority and TSA will continue to work closely with industry stakeholders across all transportation modes to reduce cybersecurity risks and improve cyber resilience to support safe, secure, and efficient travel,” said TSA Administrator David Pekoske. “This amendment to the aviation security programs extends similar performance-based requirements that currently apply to other transportation system critical infrastructure.”
The TSA collaborated extensively with aviation partners to develop this amendment, which is designed to strengthen cybersecurity measures in the aviation sector and follows a similar announcement made in October 2022 for passenger and freight railroad carriers.
The TSA has taken this action due to the persistent cybersecurity threats against US critical infrastructure, particularly in the aviation sector.
In the fall of 2022, US airport websites suffered a cyberattack, and pro-Russian hacking groups listed multiple U.S. airports as targets.
In previous years, groups within China launched attacks on the website of Vietnam Airlines.
These incidents highlight the vulnerability of critical infrastructure to cyber threats and the need for increased cybersecurity measures to prevent disruption and degradation of infrastructure operations. The new amendment aims to improve the cybersecurity resilience of TSA-regulated entities and reduce the risk of cyber attacks against the transportation sector.
The four major points in the TSA amendment
- Develop network segmentation policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised, and vice versa.
- Create access control measures to secure and prevent unauthorized access to critical cyber systems.
- Implement continuous monitoring and detection policies and procedures to defend against, detect, and respond to cybersecurity threats and anomalies that affect critical cyber system operations.
- Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers, and firmware on critical cyber systems in a timely manner using a risk-based methodology.
Ibrahim Memis, the Head of Cyber Security at BEUMER Group, asserts that the TSA amendment is an important milestone. He suggests that airports and their suppliers should acknowledge this development and take steps to enhance their cybersecurity resilience accordingly.
“This amendment by TSA sets an excellent example for other organizations, demonstrating that cybersecurity should be an ongoing and active aspect of operations,” says Ibrahim Memis. “It is not a one-time exercise but a continuous effort to monitor and assess risks and vulnerabilities and take appropriate actions to address them.”