The cybersecurity guidelines for passenger and freight train operators that were scheduled to expire on Tuesday were extended by the Transportation Security Administration (TSA). Divided into three distinct directives, the guidelines require operators to submit annual updated cybersecurity assessment plans to TSA, test portions of their cybersecurity incident response plans, and report on the efficacy of their efforts.
In the event of a breach, carriers must create network segmentation policies and controls that keep general IT systems and operational technology (OT) systems apart. The regulations also mandate that carriers design cyberthreat detection policies, implement timely operating system, application, driver, and firmware patching procedures, and adopt access control measures.