Key Highlights
- The US Transportation Security Administration (TSA) has issued an emergency amendment requiring airport and aircraft operators to improve their cybersecurity resilience in response to persistent threats against critical infrastructure.
- The new requirements mandate that operators develop plans to prevent infrastructure disruption and degradation and assess the effectiveness of their measures.
In response to ongoing threats against the country’s aviation industry and other critical infrastructure, the US Transportation Security Administration (TSA) has issued an emergency amendment requiring airport and aircraft operators to enhance their cybersecurity resilience.
New Emergency Amendment To Enhance Cybersecurity Resilience
The new requirements mandate that operators develop plans to improve their infrastructure’s resilience and prevent disruption and degradation. Also, they should assess the effectiveness of their measures.
Aviation organizations regulated by TSA must implement network segmentation controls and policies, access control mechanisms, and incident detection and response protocols. They should ensure their systems remain patched to prevent unauthorized access to critical systems and mitigate risks to OT and IT systems.
Airport and aircraft operators were already required to fulfill certain cybersecurity requirements, such as reporting significant incidents to the Cybersecurity and Infrastructure Security Agency (CISA), conducting vulnerability assessments, designating a point of contact for security issues, and creating an incident response plan.
The TSA issued the latest cybersecurity requirements for the aviation industry just a few months after it issued a directive to improve the cybersecurity of railroad operations in the US.
Also Read: Apple Over AR/VR Headset Launch Plan
The TSA stated that the new requirements for the aviation industry were released just days after the White House launched its National Cybersecurity Strategy.
The agency added that it would continue to collaborate with the Department of Transportation, CISA, and industry partners to enhance the cybersecurity resilience of critical infrastructure in the nation through the amendment and other ongoing initiatives.
