Space for Maritime Task Force Launched

The “Space for Maritime Task Force” was recently launched by the European Space Agency (ESA) together with maritime stakeholders at the Italian Coast Guard Headquarters in Rome. The initiative acts on ESA’s vision to boost digital and green solutions, reducing emissions and enabling sustainable innovation.

In recent years, ESA Space Solutions has been cooperating with key stakeholders in the maritime sector via the Business Applications and Space Solutions (BASS) programme. These include a wide range of user communities and classes such as fisheries, coast guards, port authorities, military bodies, shipping companies, commercial operators, and international, national and European institutions. Through this cooperation, ESA has built strategic partnerships and supported several initiatives addressing domains such as maritime sustainability, ship tracking via satellite-based automatic identification systems (AIS), smart routing, autonomous vessels, water quality monitoring, the reduction of marine pollution and the green transition of ports’ eco-systems.

The Italian General Command of the Port Authority Corps - Coast Guard has, for some months, been working on a collaboration with ESA to foresee and enhance the use of space applications aimed at promoting sustainable innovation and transport in the maritime ecosystem. This collaboration has resulted in the creation of a standing committee, called the Space for Maritime Task Force (SMTF).

The Task Force aims to contribute to sustainability and maritime safety by increasing the use of innovative integrated solutions that exploit digital and space technologies, such as communications, navigation, and earth observation. This initiative will leverage active involvement of national institutions, Industry and research entities in the digital transformation of port and maritime services (e-Navigation), with a view to enhancing the sustainability of maritime transport. It will foster the innovative use of space technologies for supporting the shipping sector, for example in its transition to uncrewed shipping, as well as the implementation of a safe integration of uncrewed vessels within maritime transport provision, the monitoring of coastal areas and infrastructures, and maritime surveillance activity (in the domains of safety, security, fishing and the environment). The work will be divided into sub-topics of interest, which for the moment include "maritime sustainability", "green and smart ports" and "safety at sea and maritime security".

The results from the Task Force will be presented to international (International Maritime Organization - IMO) and European bodies, in order to contribute to the development and standardisation of requirements and innovative technologies aimed at improving maritime services. This will allow sustainable economic growth for all players involved. Rita Rinaldo, Head of the Projects & Studies Implementation Division at ESA Space Solutions commented “Collaboration with maritime stakeholders is key for ESA to support innovative solutions that exploit digital and space technologies, and to enable European space and downstream companies to contribute to sustainability and maritime safety.”

Partners in the Task Force include: the General Command of the Port Authority Corps - Coast Guard; European Space Agency (ESA); Italian Space Agency (ASI); National Inter-University Consortium for Telecommunications (CNIT); and the Directorate General for the Supervision of Port System Authorities, Maritime Transport and Inland Waterways.

DHS S&T Develops Portable Outdoor Gunshot Detection Technology for Law Enforcement

A new portable Gunshot Detection System can provide critical information about outdoor shooting incidents almost instantaneously to first responders. The system, called SDS Outdoor, was developed in collaboration between the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and Shooter Detection Systems (SDS) of Rowley, MA.

“Many U.S. gunshot detection technologies are not easily deployed in the field or at temporary locations,” said Dr. Dimitri Kusnezov, DHS Under Secretary for Science and Technology. “This new system can be moved by one or two officers without the need for technicians to transport and set up. This mobile capability will help responders approach gun violence incidents with greater awareness, reducing response times and increasing responder safety.”

The portable system is an enhancement to the current commercial, off-the-shelf Guardian Indoor Active Shooter Detection System. SDS Outdoor uses two factors—the sound and flash of the gunshot—to detect and validate each gunshot, drastically reducing false positives. Most other systems rely principally on sound, which can have higher false positive rates. Moreover, SDS Outdoor can be deployed for temporary events in locations where infrastructure support is not available, such as open-field concerts or pop-up rallies.

Delivery of this mobile system comes after almost two years of development. Prototype testing started in January 2022, and SDS provided a real-time demonstration to a user advisory group in May. It was then tested by S&T’s National Urban Security Technology Laboratory and the First Responder Technology Program team in an Operational Field Assessment at Fort Dix, New Jersey, in November. Feedback from participating law enforcement agencies who participated in the evaluations helped make the system more effective in detecting and alerting responders to gunshots.

“We’ve now transitioned the system to SDS to commercialize the technology and make it available to law enforcement agencies and first responders nationwide,” said Anthony Caracciolo, S&T First Responder Technology program manager. “The new system fills a gap identified by the First Responder Resource Group by extending gunshot detection capabilities to locations that do not support fixed deployments.”

SDS Outdoor also complements other S&T-developed detection and tracking technologies, such as MappedIn Response and Detection of Presence of Life through Walls, giving first responders a more holistic view of what they are dealing with so they can coordinate their responses accordingly.

Your latest issue of Critical Infrastructure Protection & Resilience News has arrived

Please find here your downloadable copy of the Winter 2022-23 issue of Critical Infrastructure Protection & Resilience News for the latest views and news at www.cip-association.org/CIPRNews.

- A Standard to help protect Critical Infrastructure
- Government and Industry Cooperation: More Important Than Ever for Cybersecurity Awareness
- Help2Protect: an eLearning program to counter Insider Threats
- Testing Environments Help S&T and CISA Secure Transportation Infrastructure
- Can responsible AI guidelines keep up with the technology?
- Infrastructure Resilience Planning Framework (IRPF)
- An Interview with Port of New Orleans
- Critical Infrastructure Protection & Resilience North America Preview
- Industry and Agency Reports and News

Download your Critical Infrastructure Protection & Resilience News at www.cip-association.org/CIPRNews

Critical Infrastructure Protection and Resilience News is the official magazine of the International Association of Critical Infrastructure Protection Professionals (IACIPP), a non-profit organisation that provides a platform for sharing good practices, innovation and insights from Industry leaders and operators alongside academia and government and law enforcement agencies.

#CriticalInfrastructureProtection #CriticalInfrastructure #cybersecurity #help2protect #cisa #ciprna #resilience #cooperation

CIPRNA Update Conference Agenda

Critical Infrastructure Protection and Resilience North America will be held in Baton Rouge on 7th-9th March 2023, supported by IACIPP and Infragard Louisiana.

A fanstastic conference agenda addressing some of the big challenges facing CI operator/owners, government, agencies and the broader CI community.

A range of Workshops and Mini-Symposiums help drill deeper into specific sector challenges.

Download the latest CIPRNA agenda at www.ciprna-expo.com/PSG.

Register online at www.ciprna-expo.com/onlinereg

#criticalinfrastructure #criticalinfrastructureprotection #emergencymanagement #cisa #fema #tsa #emergencyresponse #disasterriskreduction #transportsecurity #energysecurity #telecomssecurity #cbrne #cybersecurity #security

TSA detects disassembled gun concealed in two peanut butter jars at JFK Airport

It was a sticky situation in a Transportation Security Administration (TSA) checked baggage screening room at John F. Kennedy International Airport (JFK) when a TSA officer removed two jars of peanut butter, each containing parts of a disassembled semi-automatic handgun artfully concealed inside.

The .22 caliber gun parts were wrapped in plastic and had been jammed into the middle of two plastic jars of peanut butter. The gun’s magazine was loaded with bullets.

When the checked bag triggered an alarm in a Terminal 8 X-ray unit, a TSA officer opened the bag and upon closer inspection uncovered the concealed firearm parts. TSA officials notified the Port Authority Police, who came to the checked baggage room in JFK’s Terminal 8, confiscated the items, tracked down the traveler in the terminal and arrested him.

“The gun parts were artfully concealed in two smooth creamy jars of peanut butter, but there was certainly nothing smooth about the way the man went about trying to smuggle his gun,” said John Essig, TSA’s Federal Security Director for JFK Airport. “Our officers are good at their jobs and are focused on their mission—especially during the busy holiday travel period,” Essig said.

Travelers may transport their firearms for a flight if they have a proper permit and the gun is properly packed. Firearms and firearm parts must be unloaded, packed in a locked hard-sided case and taken to the airline check-in counter to be declared. At that point the airline representative will make sure that the firearm is transported in the belly of the plane. Additionally, replica firearms are prohibited in carry-on baggage and also must be transported in checked luggage.

TSA breaks record for number of firearms at security checkpoints, announces new measures to mitigate threat

Transportation Security Administration (TSA) officers intercepted a record number of firearms brought by passengers to airport security checkpoints in 2022. As of December 16, TSA has stopped 6,301 firearms; more than 88% were loaded. This number surpasses the previous record of 5,972 firearms detected in 2021. TSA anticipates it will prevent about 6,600 firearms in carry-on bags from entering the secure area of airports by the end of 2022, a nearly 10% increase over 2021’s record level.

Firearm possession laws vary by state and local government, but firearms are never allowed in carry-on bags at any TSA security checkpoint, even if a passenger has a concealed weapon permit. In order to reduce the threat of firearms at checkpoints, TSA has increased the maximum civil penalty for a firearms violation to $14,950. TSA determines the penalty amount for a violation based on the circumstances in each case. TSA will continue to revoke TSA PreCheck® eligibility for at least five years for passengers caught with a firearm in their possession. TSA may conduct enhanced screening for those passengers to ensure no other threats are present. Depending on state or local law in the airport’s location, passengers who bring firearms to a checkpoint may be arrested by law enforcement.

“I applaud the work of our Transportation Security Officers who do an excellent job of preventing firearms from getting into the secure area of airports, and onboard aircraft,” said TSA Administrator David Pekoske. “Firearms are prohibited in carry-on bags at the checkpoint and onboard aircraft. When a passenger brings a firearm to the checkpoint, this consumes significant security resources and poses a potential threat to transportation security, in addition to being very costly for the passenger.”

Trends in maritime communications

An estimated 90 per cent of the goods traded around the world travel by sea. Vital commodity flows, as well as seafarer safety, hinge on ever more sophisticated maritime communication networks.

Much of the world’s commerce would simply not be possible without the plethora of technologies making up today’s maritime communications ecosystem. These include ship stations (meaning radiocommunication equipment on board commercial, passenger or patrol vessels, etc.); coast stations that support ships at sea; as well as radar services, automatic identification, and maritime distress systems.

Although the International Maritime Organization (IMO) develops regulations for shipping, ensuring safe maritime communication largely falls to the International Telecommunication Union (ITU).

ITU Recommendations, Reports, Regulations, and databases – along with giving seafarers vital information – help safeguard the frequency bands that vessels use to navigate safely, as explained by ITU’s German Medici.

Modernizing the GMDSS

Distress, safety, and emergency maritime communications are coordinated through the Global Maritime Distress and Safety System (GMDSS), which uses terrestrial communication and satellite systems (such as those operated by Inmarsat and Iridium) to connect ships and coast stations. Discussions currently underway at ITU aim to make the GMDSS more flexible in terms of maritime safety information distribution, which in turn should open the door to new technology applications in this area, said Medici.

The GMDSS continues to evolve to improve and enhance maritime communications and safety.  Satellite EPIRBs operating at 1.6 gigahertz (GHz) and using very high frequency (VHF) systems for DSC will no longer be part of the GMDSS. However, the IMO may soon allow an existing geostationary satellite system to become a new GMDSS satellite service provider, explained Medici.

Evolving e-navigation

In the future, seafarers will increasingly rely on communications services, such as e-navigation, which IMO defines as “the harmonized collection, integration, exchange, presentation and analysis of marine information on board and ashore by electronic means to enhance berth-to-berth navigation and related services for safety and security at sea and to protect the marine environment”. High-speed broadband connections will keep ships and shore facilities continuously updated and let mariners follow real-time data displays on the bridge.

Ships will increasingly use VHF data exchange systems that integrate data exchange, application-specific messaging, and automatic identification capabilities in the same VHF maritime band, Medici added.

Beacon detection and response

Cospas-Sarsat, a satellite-aided, treaty-based search and rescue initiative that has been operational since 1985, is now developing a second-generation beacon and medium-Earth orbit search and rescue system (MEOSAR), in which repeaters are placed on global navigation satellite system (GNSS) satellites.

The initiative brings together 45 nations and agencies to collaboratively detect and locate radio beacons activated by aircraft, vessels or people in distress.

This Cospas-Sarsat development will enable near-time global coverage of beacon localization and distress message transmission, said Medici. A new “return-link-service” (RLS) will give users a confirmation that their message was received.

Autonomous vessels on the waves

Maritime autonomous surface ships (MASS) are also on the horizon. These are ships that can operate independently (to varying degrees) of human interaction.

“In April 2022, IMO began work on the development of a regulatory framework for Maritime Autonomous Surface Ships,” Medici noted.  The work aims to integrate new and advancing technologies in its regulatory framework – balancing the benefits derived from new and advancing technologies against safety and security concerns, the impact on the environment and on international trade facilitation, the potential costs to the industry, and their impact on personnel, both on board and ashore.

For the moment, these “autonomous vessels” lack specified spectrum requirements.  But that may change as MASS communications requirements are identified.  “The development of MASS may be supported by future ITU studies, including potential determination of their spectrum needs, and the publication of associated ITU Recommendations and Reports,” Medici concluded.

[Source: ITU]

Critical Infrastructure: Actions Needed to Better Secure Internet-Connected Devices

The USA's 16 critical infrastructure sectors rely on internet-connected devices and systems to deliver essential services, such as electricity and health care. These sectors face increasing cybersecurity threats—an issue on our High Risk list.

Federal agencies that have leadership roles in 3 sectors we reviewed have taken some steps to manage the cybersecurity risks posed by internet-connected devices and systems. But they've not assessed risks to the sectors as a whole. Without a holistic assessment, the agencies can't know what additional cybersecurity protections might be needed.

Cyber threats to critical infrastructure IoT and OT represent a significant national security challenge. Recent incidents—such as the ransomware attacks targeting health care and essential services during the COVID-19 pandemic—illustrate the cyber threats facing the nation's critical infrastructure. Congress included provisions in the IoT Cybersecurity Improvement Act of 2020 for GAO to report on IoT and OT cybersecurity efforts.

This report (1) describes overall federal IoT and OT cybersecurity initiatives; (2) assesses actions of selected federal agencies with a lead sector responsibility for enhancing IoT and OT cybersecurity; and (3) identifies leading guidance for addressing IoT cybersecurity and determines the status of OMB's process for waiving cybersecurity requirements for IoT devices. To describe overall initiatives, GAO analyzed pertinent guidance and related documentation from several federal agencies.

To assess lead agency actions, GAO first identified the six critical infrastructure sectors considered to have the greatest risk of cyber compromise. From these six, GAO then selected for review three sectors that had extensive use of IoT and OT devices and systems. The three sectors were energy, healthcare and public health, and transportation systems. For each of these, GAO analyzed documentation, interviewed sector officials, and compared lead agency actions to federal requirements.

GAO also analyzed documentation, interviewed officials from the selected sectors, and compared those sector's cybersecurity efforts to federal requirements. GAO also interviewed OMB officials on the status of the mandated waiver process.

The nation's critical infrastructure sectors rely on electronic systems, including Internet of Things (IoT) and operational technology (OT) devices and systems. IoT generally refers to the technologies and devices that allow for the network connection and interaction of a wide array of “things,” throughout such places as buildings, transportation infrastructure, or homes. OT are programmable systems or devices that interact with the physical environment, such as building automation systems that control machines to regulate and monitor temperature.

Figure: Overview of Connected IT, Internet of Things (IoT), and Operational Technology

To help federal agencies and private entities manage the cybersecurity risks associated with IoT and OT, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) have issued guidance and provided resources. Specifically, CISA has published guidance, initiated programs, issued alerts and advisories on vulnerabilities affecting IoT and OT devices, and established working groups on OT. NIST has published several guidance documents on IoT and OT, maintained a center of cybersecurity excellence, and established numerous working groups. In addition, the Federal Acquisition Regulatory Council is considering updates to the Federal Acquisition Regulation to better manage IoT and OT cybersecurity risks.

Selected federal agencies with a lead role have reported various cybersecurity initiatives to help protect three critical infrastructure sectors with extensive use of IoT or OT devices and systems.

Title: Sector Lead Agencies' Internet of Things (IoT) or Operational Technology (OT) Cybersecurity Initiatives

Sector (Lead Federal Agency)

Examples of IoT or OT Initiatives

Energy (Department of Energy)

Considerations for OT Cybersecurity Monitoring Technologies guidance provides suggested evaluation considerations for technologies to monitor OT cybersecurity of systems that, for example, distribute electricity through the grid.

Cybersecurity for the Operational Technology Environment methodology aims to enhance energy sector threat detection of anomalous behavior in OT networks, such as electricity distribution networks.

Healthcare and public health (Department of Health and Human Services)

Pre-market Guidance for Management of Cybersecurity identifies issues related to cybersecurity for manufacturers to consider in the design and development of their medical devices, such as diagnostic equipment.

Post-market Management of Cybersecurity in Medical Devices provides recommendations for managing cybersecurity vulnerabilities for marketed and distributed medical devices, such as infusion pumps.

Transportation systems (Departments of Homeland Security and Transportation)

Surface Transportation Cybersecurity Toolkit is designed to provide informative cyber risk management tools and resources for control systems that, for example, function on the mechanics of the vessel.

Department of Homeland Security's Transportation Security Administration's Enhancing Rail Cybersecurity Directive requires actions, such as conducting a cybersecurity vulnerability assessment and developing of cybersecurity incident response plans for higher risk railroads.

Source: GAO analysis of agency documentation │ GAO-23-105327

However, none of the selected lead agencies had developed metrics to assess the effectiveness of their efforts. Further, the agencies had not conducted IoT and OT cybersecurity risk assessments. Both of these activities are best practices. Lead agency officials noted difficulty assessing program effectiveness when relying on voluntary information from sector entities. Nevertheless, without attempts to measure effectiveness and assess risks of IoT and OT, the success of initiatives intended to mitigate risks is unknown.

The Internet of Things Cybersecurity Improvement Act of 2020 generally prohibits agencies from procuring or using an IoT device after December 4, 2022, if that device is considered non-compliant with NIST-developed standards. Pursuant to the act, in June 2021 NIST issued a draft guidance document that, among other things, provides information for agencies, companies and industry to receive reported vulnerabilities and for organizations to report found vulnerabilities. The act also requires the Office of Management and Budget (OMB) to establish a standardized process for federal agencies to waive the prohibition on procuring or using non-compliant IoT devices if waiver criteria detailed in the act are met.

As of November 22, 2022, OMB had not yet developed the mandated process for waiving the prohibition on procuring or using non-compliant IoT devices. OMB officials noted that the waiver process requires coordination and data gathering with other entities. According to OMB, it is targeting November 2022 for the release of guidance on the waiver process. Given the act's restrictions on agency use of non-compliant IoT devices beginning in December 2022, the lack of a uniform waiver process could result in a range of inconsistent actions across agencies.

Chemical security experts call for multisector cooperation against terrorism

The devastating impact of chemical weapons and explosives used in acts of terrorism continues to affect civilian populations and is well known for its destructive and long-term harm.

Last year over 1,000 improvised explosive device (IED) attacks were conducted by non-state actors, injuring over 7,150 people in more than 40 countries. Many attacks come from chemicals that criminals acquired through weak points in the supply chain – from manufacturing to storage and retail– and made into weapons.

To counter this threat, some 220 chemical security practitioners from more than 70 countries met at INTERPOL’s 3rd Global Congress on Chemical Security and Emerging Threats to find ways of reducing vulnerabilities by enhancing multisector cooperation and collaboration.

With a focus on acquisition, transportation, physical and cyber security of chemical materials, the meeting highlighted a range of security issues, such as detecting cross-border movements of regulated material and implementing regulatory frameworks.

Terrorists’ misuse of e-commerce and new technologies

The Global Congress also explored ways to counter emerging threats including terrorists’ misuse of e-commerce and new technologies to acquire toxic and precursor chemicals.

Due to the substantial growth and access to the Internet in recent years, so too we have seen an increase in digital content produced and shared through platforms such as instant messaging, social networking, blogs and online portals. The misuse of technologies can be seen as a result of this rapid growth in content, and with it a rise in suspicious activities.

Law enforcement agencies provided examples of investigative techniques that could be used to identify and prosecute the illicit purchase or sale of chemicals on the Dark Net. These lessons provided delegates with solutions to address the use of sophisticated technologies for nefarious purposes.

"The concerted effort of global law enforcement, along with our partners, is key to combatting the use of explosive precursor chemicals and chemical weapons,” Mr Hinds added.

Dual-use and precursor chemicals have a wide legitimate function in the production of consumer goods such as pharmaceuticals, cleaning supplies and fertilizers. This raises significant challenges to prevent and monitor, and remains one of the inherent threats to chemical security worldwide.

INTERPOL awareness video - ‘The Watchmaker’

In this context, an INTERPOL-produced awareness video was premiered at the meeting to engage a broad spectrum of stakeholders in understanding the importance of individuals and companies to secure dangerous toxic chemicals, including equipment.

Entitled ‘The Watchmaker’, the video highlights the need for multisector cooperation to combat these threats and will be used in a series of INTERPOL capacity building workshops and other activities related to counter-terrorism and prevention.

“Multisector collaboration is essential for us to tackle the threats we face from criminals who gain access to dangerous chemicals with malevolent intentions. Morocco is committed to strengthening the engagement of these issues as part of our proactive approach to combating terrorism,” said Mr. Mohammed Dkhissi, Head of National Central Bureau, Rabat.

Other measures proposed by the Global Congress Network include:

- Advocating chemical security recommendations such as increased retail reporting on suspicious activity;
- Expanding the INTERPOL-hosted Global Knowledge Hub, which allows members to engage in interactive discussions and access good practice guidance;
- Strengthening the Global Congress Network through greater diversity of expertise and activities across regions and sectors;
- Promoting decision-making tools such as a customer database, which can flag areas of security concern.

Since its inception in 2018, the Global Congress has been jointly led by INTERPOL, the US Cybersecurity and Infrastructure Security Agency (CISA), the US Defense Threat Reduction Agency (DTRA) and the US Federal Bureau of Investigation (FBI), and implemented in cooperation with the G7 Global Partnership Against the Spread of Weapons and Materials of Mass Destruction.

TSA issues new cybersecurity requirements for passenger and freight railroad carriers

The Transportation Security Administration (TSA) announced a new cybersecurity security directive regulating designated passenger and freight railroad carriers. Today’s announcement demonstrates the Biden-Harris Administration’s commitment to strengthen the cybersecurity of U.S. critical infrastructure. Building on the TSA’s work to strengthen defenses in other transportation modes, this security directive will further enhance cybersecurity preparedness and resilience for the nation’s railroad operations.

Developed with extensive input from industry stakeholders and federal partners, including the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Transportation’s Federal Railroad Administration (FRA), this Enhancing Rail Cybersecurity – SD 1580/82-2022-01 strengthens cybersecurity requirements and focuses on performance-based measures to achieve critical cybersecurity outcomes.

“The nation’s railroads have a long track record of forward-looking efforts to secure their network against cyber threats and have worked hard over the past year to build additional resilience, and this directive, which is focused on performance-based measures, will further these efforts to protect critical transportation infrastructure from attack,” said TSA Administrator David Pekoske. “We are encouraged by the significant collaboration between TSA, FRA, CISA and the railroad industry in the development of this security directive.

The security directive requires that TSA-specified passenger and freight railroad carriers take action to prevent disruption and degradation to their infrastructure to achieve the following critical security outcomes:

1. Develop network segmentation policies and controls to ensure that the Operational Technology system can continue to safely operate in the event that an Information Technology system has been compromised and vice versa;
2. Create access control measures to secure and prevent unauthorized access to critical cyber systems;
3. Build continuous monitoring and detection policies and procedures to detect cybersecurity threats and correct anomalies that affect critical cyber system operations; and
4. Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers, and firmware on critical cyber systems in a timely manner using a risk-based methodology.

Passenger and freight railroad carriers are required to:

1. Establish and execute a TSA-approved Cybersecurity Implementation Plan that describes the specific cybersecurity measures the passenger and freight rail carriers are utilizing to achieve the security outcomes set forth in the security directive.
2. Establish a Cybersecurity Assessment Program to proactively test and regularly audit the effectiveness of cybersecurity measures and identify and resolve vulnerabilities within devices, networks, and systems.

This is the latest in TSA’s performance-based security directives; previous security directives include requirements such as reporting significant cybersecurity incidents to CISA, establishing a cybersecurity point of contact, developing and adopting a cybersecurity incident response plan, and completing a cybersecurity vulnerability assessment. Through this security directive, TSA continues to take steps to protect transportation infrastructure in the current threat environment. TSA also intends to begin a rulemaking process, which would establish regulatory requirements for the rail sector following a public comment period.

To view TSA’s security directives and guidance documents, please visit the TSA cybersecurity toolkit.

1 2 3 8