TSA Proposes Cybersecurity Regulations for Transportation Sector

TSA proposes new cybersecurity rules for transportation sector. The Transportation Security Administration (TSA) has introduced proposed regulations that would formalize existing directives requiring pipeline and railroad operators to report cyber incidents and develop cyber risk management plans. This initiative, prompted by the 2021 Colonial Pipeline ransomware attack, aims to enhance the cybersecurity resilience of critical transportation infrastructure. The rules would impact approximately 300 surface transportation operators and are expected to incur costs of around $2.1 billion over the next decade. The TSA is seeking industry feedback on the proposal until February 5, 2024.